Cient[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Cient.exe
Size

429KB
MD5

560cc98c3949d39696d4e4b3e6cdc159
SHA1

f645ec7ac46ae8070273c898a1452227fcbfb5e9
SHA256

7836a048c19d281b6128735076e7f38a868f045e4f100fce42d69208211d650c
SHA512

74f74bdadaabb37396eef1775b954314455d2bb63d30a640b0ced2b117abf431587e4752f4869b61e771b197245386592e434477552c3219131cbe9ad26a0551
SSDEEP

6144:B4r1UmPVcJv3TCpLqqjMe6VlWT8b9h7P9lI3bZR+5eU5ot:B4rLWJv3T3YMPVle8XvEU5ot

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Cient.exe

Files

Cient.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ