cdaac42b3565f4fa2c9b70c544384ab0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdaac42b3565f4fa2c9b70c544384ab0N.exe
Size

229KB
MD5

cdaac42b3565f4fa2c9b70c544384ab0
SHA1

746d92ff46e69f154d9456e33ff932c5fe2a41c6
SHA256

d27e170cac7df85bb76f8b0b7d5945eb9758975547a8976d39dc7a119b0a364a
SHA512

f2fa37e8053ed8c853dec693dba0e805754fc64b34c9b92d2153c898da71fe3f14e2bd9e2eafb80617691cccf573fc01b7df91c21f37c5f883a03a7395b19abd
SSDEEP

3072:Cz26EpQfitRgUstHKK0PgCm5C2cz9kX88HkkT:Cz2+m45KKwF0cRkX8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdaac42b3565f4fa2c9b70c544384ab0N.exe

Files

cdaac42b3565f4fa2c9b70c544384ab0N.exe
.exe windows:4 windows x86 arch:x86

5b1ec7f22d34e9fe8551858e0877d5a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAllocEx
ExitProcess
GetVersionExA
GetThreadLocale
GetVersion
GetUserDefaultLCID
GetTickCount

user32

IsCharUpperA
ScrollWindow
SendMessageA
SetActiveWindow
GetMenu
GetActiveWindow
SendMessageW
GetSysColorBrush

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

msvcrt

memmove
sqrt
rand
sprintf
_acmdln
wcscspn
memcpy
wcstol
malloc
srand

Exports

Exports

_OYrRJ

Sections

CODE
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cpdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 798B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eadata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ