cf0da8adacf075faa07782c9d0d83fd6a3b5f4426b3d5b37e39e86fd8311e6fb

General

Target

cf0da8adacf075faa07782c9d0d83fd6a3b5f4426b3d5b37e39e86fd8311e6fb
Size

64KB
MD5

e7800bb69cfc99a7eed1bff300e303bd
SHA1

af4c3470bfccc2ceca11d4043f8d99485e1fdbce
SHA256

cf0da8adacf075faa07782c9d0d83fd6a3b5f4426b3d5b37e39e86fd8311e6fb
SHA512

bf89c405a2ecd8d58a2846cad3e65d3b7a53cf08a5a0287e3a13f2ba6140075a6199545759b0f955693ec9c0e932eb9dd0b4678244fbe293f27e83d0197b6be1
SSDEEP

768:QEHsqZKMXc+YcfH0pfdkOy/D+fNR+tEo7om+k/u+dMV5bpqrDOgc9J:8qsMXcOKdkOy7YAtB7Mk/LdMVqA9J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf0da8adacf075faa07782c9d0d83fd6a3b5f4426b3d5b37e39e86fd8311e6fb

Files

cf0da8adacf075faa07782c9d0d83fd6a3b5f4426b3d5b37e39e86fd8311e6fb
.exe windows:4 windows x86 arch:x86

67dd5ee20f4456e1e760234188a00e67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

shell2.pdb

Imports

kernel32

GetCurrentConsoleFont
FreeConsole
GetCalendarInfoW
CompareStringA
CopyFileW
GetThreadTimes
GetProcessPriorityBoost
Sleep
SetThreadIdealProcessor
WritePrivateProfileSectionW
QueueUserWorkItem
GetNamedPipeHandleStateA
GetBinaryTypeA
EnumSystemCodePagesW
GetCurrencyFormatA
GetCurrentConsoleFont
SetHandleInformation
GetComputerNameW
SetComputerNameA
CreateThread
SetMailslotInfo
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteVolumeMountPointW
ReadConsoleW
GetFileTime
GetProcAddress

user32

CharLowerBuffA

msi

ord81
ord228
ord223
ord44
ord50
ord86
ord21
ord93
ord126
ord159
ord82
ord76
ord85
ord156
ord224
ord80

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.u
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67dd5ee20f4456e1e760234188a00e67

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msi

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 1024B - Virtual size: 696B

.data Size: 3KB - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 1KB

.u Size: 18KB - Virtual size: 18KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 1024B - Virtual size: 696B

.data
Size: 3KB - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB

.u
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 9KB - Virtual size: 9KB