c0da22d6c499d48844a7ff219ad92400N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0da22d6c499d48844a7ff219ad92400N.exe
Size

24KB
MD5

c0da22d6c499d48844a7ff219ad92400
SHA1

fba94e340f42c4e3ab61c21e0818ac53be7325e1
SHA256

bcebee198e8f3c8a009fff4fa632a68901f34132e9e5c656df8d8cd12b41cfc7
SHA512

64a21975866b46bcdc9e8d4f9fdaf763447256d179d66a51ef30221624e59fdefe8dc857bf145121193a275761db76ba63f8ec58ab71bce748b3a4ff250c0c70
SSDEEP

384:ErzPe3ulXCpNoApPFOkHaGeXpz+rx6ytN37DPvSqlkGz+J7NCB5GOdko/JyKK:ErzqwCpNvFP5eX90v7zvHqn453d/VK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0da22d6c499d48844a7ff219ad92400N.exe

Files

c0da22d6c499d48844a7ff219ad92400N.exe
.exe windows:4 windows x86 arch:x86

e95e3c19c1b1846eddfe9b97188d572c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateMutexA
CreateProcessA
CreateProcessW
DeleteFileA
ExitProcess
GetCommandLineW
GetModuleFileNameA
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
HeapAlloc
ReadFile
SetFileAttributesA
SetFilePointer
WriteFile

ntdll

NtFlushInstructionCache
NtOpenKey
NtProtectVirtualMemory

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE