certreq[.]exe | Triage

General

Target

certreq.exe
Size

427KB
MD5

65116f34d5830b94df575d805b65d6bb
SHA1

85bca3cf331ab3af8bbdd72fcbc618fdbb2ef2b4
SHA256

ef3434777d7a7af6821d79dc099af3d380856fe39759ad0eaede73ec47ec6d06
SHA512

5cca0cfd15ce174716f095804d283f884eba57dc1d59e1d102f10ca531ebc620da6ba845c4dc9de46a8aab3a9e120eb56d626cb43562e9129b448dbf8e817ec8
SSDEEP

6144:Zf+2xvDjAc6bRPW2SEAjUrRNl7QeObpf3qHz9CFm5X1x3eNFtvI:Zf+ILjAvb02SBOueYf3u9CFm9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
certreq.exe

Files

certreq.exe
.exe windows:4 windows x86 arch:x86

117c02463f3b526320200cf7927c7817

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetLastError
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
CloseHandle
SetFilePointer
GetFileType
CreateFileA
ReadFile
WriteFile
GetCurrentProcessId
SetHandleCount
GetStdHandle
InitializeCriticalSection
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
LCMapStringA
LCMapStringW
SetStdHandle
SetEndOfFile
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetProcAddress
LoadLibraryA
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 86KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

117c02463f3b526320200cf7927c7817

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 327KB - Virtual size: 326KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 86KB - Virtual size: 125KB

.text
Size: 327KB - Virtual size: 326KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 86KB - Virtual size: 125KB