cf65095dd87824c29c1f5c28b80fa005 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf65095dd87824c29c1f5c28b80fa005
Size

328KB
MD5

cf65095dd87824c29c1f5c28b80fa005
SHA1

d06306e0673cc8e71a242437942a241baa037aa6
SHA256

1153d91c9bb4c21dde6a9e633492170b1bef6da5f8bc375b551be47253f1f033
SHA512

4f6e28dff816236c50e512fe8592caa9c40b0a367aafcb7ddb49b9012eb44907c46b41c85fc3602a433e5ded2159c66f8f63c6dc6ccf16c9dc8c8fc0e5de3637
SSDEEP

6144:Cxth4pSJKJp2RfN1G5ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uTg:S/44oj23O0NxDIBuOFe7/uTg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf65095dd87824c29c1f5c28b80fa005

Files

cf65095dd87824c29c1f5c28b80fa005
.exe windows:4 windows x86 arch:x86

5dddb76370699975c89bc47ebd2cfd16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
GlobalWire
NlsGetCacheUpdateCount
GetBinaryTypeW
CreateTimerQueueTimer
BuildCommDCBAndTimeoutsA
LZClose
_lread
GetConsoleMode
GetFileAttributesA
GetCurrentConsoleFont

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.htext
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE