2025-03-25_c148dc43bc2ccd6d2ff2dce23bf51b14_cerber | Triage

Resubmissions

25/03/2025, 07:23

250325-h76czswnv3 10

25/03/2025, 05:16

250325-fx8z1svnw5 10

Sharing

General

Target

2025-03-25_c148dc43bc2ccd6d2ff2dce23bf51b14_cerber
Size

191KB
MD5

c148dc43bc2ccd6d2ff2dce23bf51b14
SHA1

42f33ac515a422b25a38f3bd81d5b673f83549ca
SHA256

40abba5de032810cc879ecd7bd604405e5a20344c293279cffb9a45b5e2b8bb2
SHA512

cb64fe2390a19bed4e18b4248751feff99418d7677f4f43577c15a6f2064c604e1ab7cdc97a52389b88587c492f6fa8c4231d314b4c1690af1c6b3a9352e6348
SSDEEP

3072:+DxABswxafBRTT7VhGaQAK9EyhSRnCdHnXad3e43k1jtY04UklcEGVWIRdlsLQ:+uBswxoB1XaaQAKthcnWXadVkj3IlcVK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-03-25_c148dc43bc2ccd6d2ff2dce23bf51b14_cerber

Files

2025-03-25_c148dc43bc2ccd6d2ff2dce23bf51b14_cerber
.exe windows:5 windows x86 arch:x86

ebce88cab5f5d3d7b4f28f267a127ce7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memmove
isspace
tolower
_aulldvrm
memset
memcpy
_allmul
_alldiv
RtlUnwind
NtQueryVirtualMemory

Sections

.text
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 128KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ