cb8e383868c93d77b50ed278d0005ecfb3096027e9de747a0da13272ea8cf8eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb8e383868c93d77b50ed278d0005ecfb3096027e9de747a0da13272ea8cf8eb
Size

59KB
MD5

8dd6839947bf22f3a504a56b7ab4fb08
SHA1

2882f4131750939cb1f3825d6d951ba9868f0d7f
SHA256

cb8e383868c93d77b50ed278d0005ecfb3096027e9de747a0da13272ea8cf8eb
SHA512

f565b2a9908e6b15933d58e8857e38fc1336e755898d574f826a73837cf58e7d0c2f06ed7e24f29eb50447d0003fc4186d2d0d3dedbcaebb9473c98690863493
SSDEEP

1536:xAVpYPLsUDbXUzzqNANl9isgM5myeteYOH3p4Pelp:GVpYPx3S2K3ks3ff3p40p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb8e383868c93d77b50ed278d0005ecfb3096027e9de747a0da13272ea8cf8eb

Files

cb8e383868c93d77b50ed278d0005ecfb3096027e9de747a0da13272ea8cf8eb
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

VGSDHSJK
Size: - Virtual size: 160KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VGSDHSJK
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE