c1ce71b0853dbed92f362eaebc3fa96704c82dbd5a4d69d478e8d5ac68587b3cN[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1ce71b0853dbed92f362eaebc3fa96704c82dbd5a4d69d478e8d5ac68587b3cN.exe
Size

8KB
MD5

ea82ac99b200bc841ab472e617b84360
SHA1

eef293628504612fbdd5d15c2a88207dcb6a0aa9
SHA256

c1ce71b0853dbed92f362eaebc3fa96704c82dbd5a4d69d478e8d5ac68587b3c
SHA512

5f843aa57473543bb76b9b877fdb7103dce48d45b29c19a42b26a3d0b314e93fd6caf40dc161fc543cf73b2aec0a40787eba679abae2a16ef13bfb39e49f744d
SSDEEP

96:lSBcK1NH3OYFRVUTeHF156QkQ9zfGJXyLyM6Jp0nIPV0vPe0:lSTmYnVPFZR9ypyLyFXkIEPD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1ce71b0853dbed92f362eaebc3fa96704c82dbd5a4d69d478e8d5ac68587b3cN.exe

Files

c1ce71b0853dbed92f362eaebc3fa96704c82dbd5a4d69d478e8d5ac68587b3cN.exe
.exe windows:4 windows x86 arch:x86

6ccd7d9c2ac46e4e645aded0dba24749

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GlobalFree
GetOEMCP
CreateHardLinkA
CreateJobSet
GetTapeStatus
GetVolumePathNamesForVolumeNameA
GetProcessHeap
ExitProcess
EnterCriticalSection
FormatMessageA
GlobalFlags
ClearCommBreak
GetStdHandle
GlobalLock
GetProfileStringA
GetUserDefaultLangID
GetCommState
CloseHandle
FindAtomA
VirtualAlloc

user32

ShowWindow
ValidateRect
GetClassNameA
CloseWindow
GetWindowTextA
GetFocus
IsIconic
ReleaseDC
GetClassInfoExA
BeginPaint
EndPaint
GetWindowTextLengthA
GetWindow
GetDC
RegisterClassA
GetForegroundWindow
GetActiveWindow
DrawEdge
GetParent

wsock32

WSAGetLastError
WSAStartup
WSACleanup
WSAAsyncSelect
WSAIsBlocking

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ