Static task
static1
Behavioral task
behavioral1
Sample
7f47f7029b45d7255505dab0f5ea138c.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
7f47f7029b45d7255505dab0f5ea138c.exe
Resource
win10v2004-20231215-en
General
-
Target
7f47f7029b45d7255505dab0f5ea138c
-
Size
294KB
-
MD5
7f47f7029b45d7255505dab0f5ea138c
-
SHA1
5169fab42a4eb32e059dcd489ac2d74da3654bdc
-
SHA256
7e4feafe267fce478e68403c0880075f3e2e80810a8158abf71f09a5105fe09d
-
SHA512
702a2eac0381f0049a309de3ac11a6fe0d36b71fdda6910a480f5a113b10c502e3e847e3cd77ea4b79c231380c0f3e4f1ce75ae598879079329ce5f754b5ea1a
-
SSDEEP
6144:0hOi58SSSrwzJ3MquRw4bD09REOYzxPIvOBYtdzd8WaPohzymXT9x7j:Ji5ZOWPmtnBTTj
Malware Config
Signatures
-
Unsigned PE 1 IoCs
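The PE file has no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned; weigh it together with the other findings in this report.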
resource 7f47f7029b45d7255505dab0f5ea138c
Files
-
7f47f7029b45d7255505dab0f5ea138c.exe windows:4 windows x86 arch:x86
525dc0557ada71f199732e0c6b27fcbe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
cygwin1
atoi
calloc
close
connect
__errno
dll_crt0__FP11per_process
dll_dllcrt0
dll_noncygwin_dllcrt0
exit
free
gethostbyname
herror
htons
__main
malloc
memcpy
perror
printf
puts
realloc
send
sleep
socket
strcmp
usleep
kernel32
GetModuleHandleA
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 176B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 756B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.stab Size: 23KB - Virtual size: 22KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.stabstr Size: 257KB - Virtual size: 257KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ