b0d2d34c386afaefba0a25edaca63bf32ed1ef302593e3466e2d3dea8d14662e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0d2d34c386afaefba0a25edaca63bf32ed1ef302593e3466e2d3dea8d14662e
Size

6KB
MD5

10b5460c3e4c3a3fe42fc3ef74d91777
SHA1

d49172c0d0db41086f07f123ac051cb6e2e26fc9
SHA256

b0d2d34c386afaefba0a25edaca63bf32ed1ef302593e3466e2d3dea8d14662e
SHA512

78bbb2784a713dcc00a6e300ac7908937f6c24871c49f565c3099e5b5a1078e859c6ce14bd5e6003e67a2a7c714ac027df257df3c9f127642032fefad9166618
SSDEEP

96:5EiMSSV2WGbjEzjw8Jk9tKCDAQPUAEkME:5EaVSzpJfCDAuUrkX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0d2d34c386afaefba0a25edaca63bf32ed1ef302593e3466e2d3dea8d14662e

Files

b0d2d34c386afaefba0a25edaca63bf32ed1ef302593e3466e2d3dea8d14662e
.exe windows:5 windows x86 arch:x86

786807eaffd0250c946fd759c2d070c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\beta6.2\w2k\src\stubexe\objfre_wnet_x86\i386\cnmse.pdb

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
wcschr

kernel32

CreateFileW
CloseHandle
GetStartupInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetSystemDirectoryW
CreateProcessW
LoadLibraryW
GetProcAddress
lstrlenW
lstrcpyW

user32

wsprintfW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE