23d158a3a44f8d35ea9fd3b28f60f9c0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23d158a3a44f8d35ea9fd3b28f60f9c0N.exe
Size

61KB
MD5

23d158a3a44f8d35ea9fd3b28f60f9c0
SHA1

02b061a3ca464baa9cfbab03038a39d4170e83cf
SHA256

9b60acce833c0d105f3310e4a26f7a5587fd57b6c7d88d73ee7ab86b033ab63d
SHA512

8b95bc9304164e544abb9f7e87ffdbd855c64c2d87a6045a82a8cddade856fbf4ae56e0e1600bb384b3812e7faecd1fc37068cc6af188f35d78802a41006eafa
SSDEEP

768:61SRDXnZZJudByo4VtvCYr4oQ3sWwUWUIawfQalLbsrw7iF+gy9:ZRD3ayH/839iaVucX+X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23d158a3a44f8d35ea9fd3b28f60f9c0N.exe

Files

23d158a3a44f8d35ea9fd3b28f60f9c0N.exe
.exe windows:5 windows x86 arch:x86

fd1d68a169a2a7ae3397a585f25bba38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cabinet

ord13

mscms

RegisterCMMW

kernel32

GetLastError
ExitProcess
GetModuleHandleW

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 12.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ