coolniga[.]exe | Triage

Sharing

General

Target

coolniga.exe
Size

267KB
MD5

19d91cbed122f79fac01873b49b9204e
SHA1

f3e83e66654fda5f1d3f811c5298533db5a03359
SHA256

42eab08e7e4884b9f64fe8dd025fdf89fdde4fde6177610d945819a417fcff3c
SHA512

fa3f2de2a3a27781a7107b2f9072362afcc9c7bfd04b3f1c3bec67c387d91287afaf998f6697356df386445143285105c2889d4f292beb2f2deac352c0341de1
SSDEEP

6144:/9WkPquna55bH2L3RC/7kxYoSg2TRqwUyG5KZ9wmD/Gn7TWen8GDSlvmyYmQheN:BPqWa55bH2L3RC/7kxYoZ2TRnUyG5KZm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
coolniga.exe

Files

coolniga.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ