133632ac5b77a2413068b8c10d0435289c4684c1f20ee36a202ebfbf3dbefbe4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

133632ac5b77a2413068b8c10d0435289c4684c1f20ee36a202ebfbf3dbefbe4
Size

28KB
MD5

07294b63b769de56c0def94ca7239f68
SHA1

fda6409d93bcf1e4fd7e29a56b15fad610807350
SHA256

133632ac5b77a2413068b8c10d0435289c4684c1f20ee36a202ebfbf3dbefbe4
SHA512

d33e16ffcaf6bfe3af18267aed131b9bee574ea20abe913924724c7331b1fdff07a56599a3f06b3cd5436ad5e6079c1c2de222f866b5e78f061bacfeb3985614
SSDEEP

384:spxEgIM3Az3GYCgYGxTIlS7cXKngENSF+JrxqZZHcHoRL1vp/no681bvPcvZEuo:0WgV3a29gYwngEUFuxqPPRLBp/Rkb3j

Score

N/A

Malware Config

Signatures

Files

133632ac5b77a2413068b8c10d0435289c4684c1f20ee36a202ebfbf3dbefbe4
.exe windows x86

6330b06085388c53ed4baed1965f04d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

CreateAsyncBindCtx
DllCanUnloadNow
Extract
IsAsyncMoniker
IsValidURL
URLDownloadW
ZonesReInit

wsock32

gethostbyaddr
listen
WSACleanup
sethostname
WSAGetLastError
accept
bind
WSAStartup
htons

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE