cdab414388d11318f28fbf244c9653b0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdab414388d11318f28fbf244c9653b0N.exe
Size

596KB
MD5

cdab414388d11318f28fbf244c9653b0
SHA1

375716f3f1843dfb195a035558348bf538639cf0
SHA256

57733b41a1444f01ee1b8b5cfbf26624ac124e198f2c11c767e35f87a1806322
SHA512

360e8a3a6898431f8bad9f5db94fc062b9f5bc35fbc54f92228d728f767c6808eb03037d5885811ee54472f191f886cf2973acd50a1c075853bf3a6db73b9e24
SSDEEP

12288:yMJgLWhEGuZxy0i/iVt05F3FQit3ko3lJKvoKpukA:y+GWhPuaySz3FQmko1lJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdab414388d11318f28fbf244c9653b0N.exe

Files

cdab414388d11318f28fbf244c9653b0N.exe
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

de39dc68941cc6307e3b2590c857a907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

.text
Size: 508KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE