b0025bf34cfef222e095b90cc7a2d231a7731d8a2709045064f7c997c60b579a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0025bf34cfef222e095b90cc7a2d231a7731d8a2709045064f7c997c60b579a
Size

5KB
MD5

71b7a351849e1297b5055f6c0bc756bb
SHA1

e831a8ce3391f7c764bc73429476fcc5354f8864
SHA256

b0025bf34cfef222e095b90cc7a2d231a7731d8a2709045064f7c997c60b579a
SHA512

b265afcd0fdf3389f9dfa6ac3d26b913970793c96aad8c4a11b125be0f09328c32410d59f34b3b78e3e10edca15e30fd15ad822bce39bfbd69554c692bb19099
SSDEEP

48:6srtHZWXhp4GwS+RWUDbhFzuLhIvFONHTrg7EYBGdrbdrR9orwt:htHIXh+GORtOOtOlTrHm0BTor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0025bf34cfef222e095b90cc7a2d231a7731d8a2709045064f7c997c60b579a

Files

b0025bf34cfef222e095b90cc7a2d231a7731d8a2709045064f7c997c60b579a
.exe windows:4 windows x64

abebcddfeec5e4ec076a75cd2265b69b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsCpy
SnmpUtilPrintOid
SnmpUtilPrintAsnAny
SnmpSvcGetUptime
SnmpUtilIdsToA
SnmpUtilOctetsNCmp

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ