cc935886c742fb4a4fd6e9c402c89f8fd3351a678ea27b3ea09be8bedc5a6a5f[.]exe | Triage

Sharing

General

Target

cc935886c742fb4a4fd6e9c402c89f8fd3351a678ea27b3ea09be8bedc5a6a5f.exe
Size

95KB
MD5

b481e709f45d3e9dbb44338c5fcb8b33
SHA1

addbce0b429a93b7c78b335bd527dbc31bbb7036
SHA256

cc935886c742fb4a4fd6e9c402c89f8fd3351a678ea27b3ea09be8bedc5a6a5f
SHA512

ea3c9811ed7af7278f6bccacf1c45edc9e86781c9e43b5b7e51231c97bbf442ea9a26e7661148e1331a93b0d68e208a91f603b914f8d351ff35304d3f12e61d3
SSDEEP

1536:e3Ynb+B0cU3rkgqre/s9/Vbr27lbOgm3MhSn/s8Xo48FNSF5E8k8jwaaHw7Koj4g:EYnb+BR6X0/VbcbIMhe/nXo/eFFk8jwC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc935886c742fb4a4fd6e9c402c89f8fd3351a678ea27b3ea09be8bedc5a6a5f.exe

Files

cc935886c742fb4a4fd6e9c402c89f8fd3351a678ea27b3ea09be8bedc5a6a5f.exe
.exe windows:65535 windows x86 arch:x86

90098dadd814ae55e6e93a784fad6151

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
GetTimeFormatA

advapi32

RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyExA
RegQueryInfoKeyA
RegFlushKey
RegConnectRegistryA
RegOpenKeyExA

Sections

.text
Size: 60KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE