ce7d81792d981dadddd53a22b9c15a8717cf6e393a07bccf01df9e04b3718b55_payload[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce7d81792d981dadddd53a22b9c15a8717cf6e393a07bccf01df9e04b3718b55_payload.exe
Size

302KB
MD5

681b2982ac056b05cfaf35342580a79e
SHA1

950a3f04099c29bbd4e4bb4b86cb8bb67b1e82f3
SHA256

eb33ac67e7b72a6af539cc469aa8ba7283df302c92775cc0c9c6d35c1deac13d
SHA512

a48547b2f3b7a3822232ab6065b2803c3b7b39936b4b74789498eccba6b74bc3b13a6cdd27cd138a1570cc1b3f011d20cdd5a5b00b3e785b988657cc6af00827
SSDEEP

6144:cP3X5/HpAexkPWXJuX8Qm7gXScwnaUYwJ6L:cP3X5hvwquMQm7gXS7nMwJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce7d81792d981dadddd53a22b9c15a8717cf6e393a07bccf01df9e04b3718b55_payload.exe

Files

ce7d81792d981dadddd53a22b9c15a8717cf6e393a07bccf01df9e04b3718b55_payload.exe
.exe windows:6 windows x86 arch:x86

2d05f25bcaf5848849812d4fbc9bd796

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetConsoleWindow
GetLastError
GetStdHandle
GlobalLock
GlobalUnlock

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize

oleaut32

SysAllocString
SysFreeString
SysStringLen
VariantClear
VariantInit

user32

CloseClipboard
GetClipboardData
GetDC
GetSystemMetrics
GetWindowInfo
OpenClipboard
ReleaseDC

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetCurrentObject
GetDIBits
GetObjectW
SelectObject
SelectPalette

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ