cd2051727311f71ed334b4908faa043d45686b89e34bdd586a671a24126fb220 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd2051727311f71ed334b4908faa043d45686b89e34bdd586a671a24126fb220
Size

119KB
MD5

716fce666495640a2f11d60b39b43103
SHA1

4f743b7afb6b687057fac435044ba83a440e9b18
SHA256

cd2051727311f71ed334b4908faa043d45686b89e34bdd586a671a24126fb220
SHA512

bd8b339bda0ce8803527f7a4bb22640cdd1ffb7e5714cc65fb70f3c306b00219219c1c06ad2ad23d71a3e3e45aab2c4139c02a454e2bc03e5b8ab83615f7a5d1
SSDEEP

3072:AJEYBGaCZC89ThbxkwdJ5/kNk3KVq/QfYz/yF4:G1FIhtZ/kG3KVq9qF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd2051727311f71ed334b4908faa043d45686b89e34bdd586a671a24126fb220

Files

cd2051727311f71ed334b4908faa043d45686b89e34bdd586a671a24126fb220
.exe windows:4 windows x86 arch:x86

62e1ac838b02d06c012de4e5b2fb9d28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumaProcessorNode
BaseFlushAppcompatCacheWorker
GetCurrentProcessId
EnterSynchronizationBarrier
ReleaseSRWLockExclusive
CreateMutexExA
QuirkGetDataWorker
TermsrvGetWindowsDirectoryW
SetTapePosition

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE