Static task: static1
Behavioral task: behavioral1
Sample: 1lcx.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 1lcx.exe
Resource: win10v2004-20230220-en
General
Target: 1lcx.exe
Size: 47KB
MD5: 28bac63a00e05f6c267cfad7d50e74ee
SHA1: 8a6af2bc5a1ba5415c620f368f6ceb1c6d750743
SHA256: f09d72e442463e3866f8bdd28d6d487f3c29d84e78b65108f4346f5db9d8ebe7
SHA512: 05f1955a3826a8bd21e664f4ab8354869799e9f5c959dd1c23090a247394e28fa24598d3ccf0c8289d634e278ef0961362beda9ae5fa8c7e252f655de88d2d04
SSDEEP: 768:IyyChCZhsI3tfZNfDKJsTHog2XRXGUyg3Pk0w7FNDoo:LEEWBXIgvUyg3rioo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1lcx.exe
Files
1lcx.exe.exe windows x86
23957447f9a27ae0c5164ec5932e7c96
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateThread
Sleep
CreateThread
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
SetFilePointer
SetStdHandle
CreateFileA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
VirtualFree
HeapCreate
GetLastError
SetConsoleCtrlHandler
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
UnhandledExceptionFilter
FlushFileBuffers
WriteFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
HeapFree
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
LCMapStringW
ws2_32
gethostbyname
connect
htons
htonl
setsockopt
bind
listen
socket
getpeername
select
__WSAFDIsSet
recv
ntohs
send
closesocket
accept
inet_ntoa
WSAStartup
WSACleanup
Sections
.text Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ