cdc40c191a86b7d968c1b5b4a13330031682fa8aab71881a005c564f31a82d1aN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdc40c191a86b7d968c1b5b4a13330031682fa8aab71881a005c564f31a82d1aN
Size

124KB
MD5

1f50f8440cb7afbcec8c1bdf39c84030
SHA1

e7297a43b1be091b2034d08f0e1e2042d969bbc3
SHA256

cdc40c191a86b7d968c1b5b4a13330031682fa8aab71881a005c564f31a82d1a
SHA512

dc86f314cfa0d45bcdb3aab91a14c13e684efd09595c0df1edd33ce3fd812ed3c8ac3c85b10d7d80aa04b526595ad629e0c6b6f3d950f24827496c6694c65143
SSDEEP

1536:/psUGDQSaBYdDxHopEvWx5R6oXmAFJI7hMRULNZpp6BoyDaO7ytTaRXac6sNB6HZ:+U+7aBJQoduZzLK6tB2qjC+dZT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdc40c191a86b7d968c1b5b4a13330031682fa8aab71881a005c564f31a82d1aN

Files

cdc40c191a86b7d968c1b5b4a13330031682fa8aab71881a005c564f31a82d1aN
.dll .vbs windows:4 windows x86 arch:x86 polyglot

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

API��
World
start
��_HTTP��Դ��
��ͼ��
ȡIP��ַ_

Sections

.text
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ