cff90f92c44af04b36f141a2e36f1a10N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cff90f92c44af04b36f141a2e36f1a10N.exe
Size

91KB
MD5

cff90f92c44af04b36f141a2e36f1a10
SHA1

722829a08373c2a67d097697d12019dfa04296ad
SHA256

167ea7b4c8f23db093836b76288bcf8edbaea75bb1a6ab12721a151eaaf907e1
SHA512

5ab11087fe18183162d435c8653188c012082c3b52d693ff422aa1567daf9e2328ccd8413206373a00d11975fa375dfaf6c2a2aef8fb9eea977c07068efc2c34
SSDEEP

1536:5pz55A5b8UaTboDRzCr5Qi/Q8CnXFwL0ukevL1f3NWbfu3pVqVbu0aUUR1Gkde:/A5OMzQCi48CnXSW4N04+uFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cff90f92c44af04b36f141a2e36f1a10N.exe

Files

cff90f92c44af04b36f141a2e36f1a10N.exe
.exe windows:4 windows x86 arch:x86

286d8fd9b33ab7f8ff531b6930d7deec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemAppDataKey
FindNextVolumeMountPointW
GetProcessPriorityBoost
SetConsoleCursorInfo
RtlFillMemory
LeaveCriticalSection
TerminateProcess
K32GetWsChangesEx
lstrcat
TermsrvDeleteKey
GetStringScripts

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 67KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE