cdad5c6af5ff3a489c40cc6b92c95e065b250341b4356ef40a94d2d417d5c7e7N[.]exe | Triage

Sharing

General

Target

cdad5c6af5ff3a489c40cc6b92c95e065b250341b4356ef40a94d2d417d5c7e7N.exe
Size

109KB
MD5

be9f5277f736154746e2c4eb9a52dda0
SHA1

3da0ab139172aed046f9ce34306c271f0b71eddf
SHA256

cdad5c6af5ff3a489c40cc6b92c95e065b250341b4356ef40a94d2d417d5c7e7
SHA512

c8dd94d8bc84aed6ae79d29aa00a4fd04fc619faebc2df014335c3740cef05f3096e7492b53ac696e941241e8532492c265be55ab4794f2b666f82881fa42553
SSDEEP

3072:6SLn+iXjLSUZ5ETSa1dwLMkWDJrgvhVpm:jLLS3dwLogZVp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdad5c6af5ff3a489c40cc6b92c95e065b250341b4356ef40a94d2d417d5c7e7N.exe

Files

cdad5c6af5ff3a489c40cc6b92c95e065b250341b4356ef40a94d2d417d5c7e7N.exe
.exe windows:5 windows x86 arch:x86

31fad15cf22850dde9bd6e49bfe94281

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
Sleep
WaitForSingleObject
lstrcmpA
GetDiskFreeSpaceW
ReadFileEx
GetStringTypeW
lstrcpyW
GetLastError
GetModuleHandleW
GetDiskFreeSpaceW
VirtualAlloc
CloseHandle
Heap32First
GetCurrentDirectoryA
GetPrivateProfileIntA
GetExitCodeProcess
InterlockedIncrement
SetEnvironmentVariableA
InterlockedDecrement
FindResourceW

apphelp

ApphelpCheckIME
SdbCreateMsiTransformFile
AllowPermLayer
ApphelpCheckExe

clbcatq

DllGetClassObject
ComPlusMigrate
ComPlusMigrate
SetupOpen
CheckMemoryGates
DllGetClassObject
SetupOpen
CheckMemoryGates
SetSetupSave
ComPlusMigrate
CheckMemoryGates
SetupOpen
SetSetupSave

version

VerFindFileA

Sections

.text
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE