lcx[.]exe | Triage

Sharing

General

Target

lcx.exe
Size

8KB
MD5

74f807ce1e47bd7a6cb389f8a17dcb63
SHA1

1710115c9f2f69f1f8b298168e9692fcb910a556
SHA256

f9e7ba7a774799d9d39b44afca1591a7ea86530063634f42480cf530f085adbb
SHA512

548f566eb798b4097ea2776a83b95918b8e6050de159aa242e736dd60b3c880838abbdb04a61b78d156a2e25f659abee953c1b99ccfeada523616b07251bf37f
SSDEEP

192:DPiIaI63/Wv9mU64ULpTgIWjlq9jEiFZcNg5wvgMNoyn0mgZ:1z6PM95yp0o73DwvgE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
lcx.exe

Files

lcx.exe
.exe windows:4 windows x86

92479712f886608d2da96f0e663cdab8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateThread
TerminateThread

ws2_32

htonl
setsockopt
bind
listen
socket
getpeername
gethostbyname
htons
connect
select
__WSAFDIsSet
recv
WSAStartup
WSACleanup
ntohs
send
closesocket
accept
inet_ntoa

msvcrt

_write
_stricmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
fprintf
fclose
exit
printf
fflush
_iob
strlen
sprintf
memset
strncpy
atoi
signal
fopen
_errno
strerror
memcpy
strcpy
_fileno

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE