Static task
static1
Behavioral task
behavioral1
Sample
2024-12-19_9f31951792a258b5181a02a6ccb6bba8_cerber.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2024-12-19_9f31951792a258b5181a02a6ccb6bba8_cerber.exe
Resource
win10v2004-20241007-en
General
Target: 2024-12-19_9f31951792a258b5181a02a6ccb6bba8_cerber
Size: 440KB
MD5: 9f31951792a258b5181a02a6ccb6bba8
SHA1: b92b54cf848590ed827e6927fb99b8bfdaf9c2db
SHA256: 03280896d436d8f027168a2bbfdcb6c0ed58f4410bfafd471905b9c5394b1384
SHA512: e4b60b71c002e2f1b6baf718ece6c36e3f8637fc783735225742a2511d36d6b28e0cdc78cff6606877bb2af9f6f2bfb3fe3afe3daef9f858d1d90fcba0139a51
SSDEEP: 6144:Wm7VLm9avt6YL0YAatyIwxSv1X793VvrFvFn/13JPT9f13dHj9vlf7dHVnDFPVP8:v7Rm9GjQ9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-12-19_9f31951792a258b5181a02a6ccb6bba8_cerber
Files
2024-12-19_9f31951792a258b5181a02a6ccb6bba8_cerber.exe windows:5 windows x86 arch:x86
743732401b2ed70a56dd1f01340fc13b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalAlloc
LoadLibraryA
GetStartupInfoA
VirtualAlloc
GetModuleHandleA
GetCommandLineA
GetVersion
CreateFileW
GetFileAttributesA
GetTickCount
LoadLibraryW
lstrlenA
user32
DestroyIcon
LoadIconA
LoadCursorW
gdi32
GdiFlush
SetTextColor
SetTextAlign
CreateCompatibleDC
advapi32
RegOpenKeyA
RegQueryValueExW
winmm
timeGetTime
Sections
.text Size: 222KB - Virtual size: 222KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 206KB - Virtual size: 205KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ