cec2588e237b0f47043e5894fd54c745971b36caa65e1697f38426426d4bb9bd[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cec2588e237b0f47043e5894fd54c745971b36caa65e1697f38426426d4bb9bd.exe
Size

449KB
MD5

d5734555538927fccec1af4d0b69f30f
SHA1

460e88e8f6fb9c629652f540ea07745cc65f4df9
SHA256

cec2588e237b0f47043e5894fd54c745971b36caa65e1697f38426426d4bb9bd
SHA512

a90ab1bc4da0d9848c68124baa5ff749b6e76f5930eaa8b263e9358c5e90d22b92faea5c4e34663a99d709b57210f77b34ce05dbb208f7dc15978604144d2b86
SSDEEP

6144:rMVfyNcd7HwRyCg9UstpTFlgUmYVshTrg80NCnlBAAyghqFg0vdq3:rwdd7H9C4RFlgUmYVKnB0yvCGGY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cec2588e237b0f47043e5894fd54c745971b36caa65e1697f38426426d4bb9bd.exe

Files

cec2588e237b0f47043e5894fd54c745971b36caa65e1697f38426426d4bb9bd.exe
.exe windows:5 windows x86 arch:x86

767c736b3fa35b29560fcce8d65b8372

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

WSACleanup

winmm

mixerOpen

version

VerQueryValueA

comctl32

ord6

psapi

GetModuleBaseNameA

user32

GetDC

gdi32

BitBlt

comdlg32

GetSaveFileNameA

advapi32

RegCloseKey

shell32

DragFinish

ole32

CoGetObject

oleaut32

SafeArrayGetLBound

Sections

.MPRESS1
Size: 297KB - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE