5770f6066b3f265edd8deffa52aeb05c40851cf45c7fca1385db7912ffce7211N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5770f6066b3f265edd8deffa52aeb05c40851cf45c7fca1385db7912ffce7211N
Size

4KB
MD5

497890a6384a4dbc0e138a6978560500
SHA1

3b7e20176a73fd758f0d2ef0500da73a60227762
SHA256

5770f6066b3f265edd8deffa52aeb05c40851cf45c7fca1385db7912ffce7211
SHA512

03a1efa9808f3892e036e1d9d22ce18e52dc384582d9d9b74df3b427825868ce0f6fcd88acdbadc6265ae080af3e0f1ecec72fd2d116bbc02039014530c70f3d
SSDEEP

96:5CJxwxapZ7SpJox6Ft8mw2pCQ2EhTR+AC2pnTZmUOaq9wF:50xwM9Yax6t8mVCmpCWTZmjH9wF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cmproxy.dll

Files

5770f6066b3f265edd8deffa52aeb05c40851cf45c7fca1385db7912ffce7211N
.cab
cmproxy.dll
.dll windows:5 windows x86 arch:x86

cc01e18ebd8b45d37ddf5e50f832d9cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WritePrivateProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcmpiA
GetPrivateProfileStringA
GetModuleHandleA
GetPrivateProfileIntA
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LocalFree
lstrlenA
GetLastError
CompareStringA
QueryPerformanceCounter
DisableThreadLibraryCalls

cmutil

CmStrCatAllocA
CmMalloc
CmFree
CmStrrchrA
CmStrCpyAllocA
GetOSVersion

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

user32

wsprintfA
CharNextA

Exports

Exports

SetProxy

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ