cce5557aad7396b51ec78bbe8cf33130N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cce5557aad7396b51ec78bbe8cf33130N.exe
Size

43KB
MD5

cce5557aad7396b51ec78bbe8cf33130
SHA1

e45fb1d5245698e6c39a24af39c751069a89b500
SHA256

7767455f5f138e92548e99e5233a80b4cebe0a38b55199b4b84490f944da9f57
SHA512

91e9d48eefd02aebd383db03af3eff285a07b03f00073663f2242b03980f5665aa9a03e11cedc41f39420cfd33b6176327471f0b2841a2b540364904afcf6a69
SSDEEP

768:3UtP6gqUHAVbEwrcD5iV1J7oRiKzuZ+2rKuvW2V/IDpJBuGN:EtzLHABXo47wqLeut0pOGN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cce5557aad7396b51ec78bbe8cf33130N.exe

Files

cce5557aad7396b51ec78bbe8cf33130N.exe
.dll windows:4 windows x86 arch:x86

ffd5be175c46db529e9b01e70563c4d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32.dll

RegCloseKey

shell32

ShellExecuteA

shlwapi.dll

StrCmpW

winmm.dll

waveInUnprepareHeader

msvcrt.dll

malloc

gdi32

DeleteObject

psapi

GetModuleFileNameExA

ws2_32

listen

ole32

CreateStreamOnHGlobal

imm32

ImmReleaseContext

avicap32

capCreateCaptureWindowA

user32

ExitWindowsEx

Exports

Exports

DllInstall
ServiceMain
ldap_open

Sections

.erdf
Size: 24KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edrft
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rtyhgj
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE