CABARC[.]EXE | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CABARC.EXE
Size

52KB
MD5

753ce812d8af43bfe54d9db02f55eeb9
SHA1

8c0a6a297ef1af48d62e01cc39f0f0ee313d2a0f
SHA256

51abee3a66f3696710923e7e3955dadc8dc14c90433ade0be5d7b517fe1708e9
SHA512

639c22ab9edf3aac85a8b7295e0149f1eb25d49f2fa78be359dd3ebe98a3af201c5b6afcc60bc4014b91c7f4e05fe6f96cb8c25d8dba63d8a47a84e20d83ab1d
SSDEEP

1536:U3yXKw/WVGAN85ocar8zJHFCkXOuCdbAPIRO:U3yXHH7GrEHtjCAIRO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CABARC.EXE

Files

CABARC.EXE
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 48KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE