a40556333b5858b32bf2004cdf27a7d7 | Triage

Sharing

General

Target

a40556333b5858b32bf2004cdf27a7d7
Size

60KB
MD5

a40556333b5858b32bf2004cdf27a7d7
SHA1

14b0bd83601516cd382bf141c0d2f85e79b66a53
SHA256

539622456ec28c7c302ebf9ff6cf1685868eed5dc072b94250ec72e24c469fa8
SHA512

0fa0e45f30eb6eb56b4095fd0582dcc6f83db038dd08272b17d29bc68098e153211a3a9c1737edf192a36f1640e60eced8247a5e3095a3753061c67d95b87a03
SSDEEP

768:jHT5Y9MbPgU253BDU2eSWeZGzF/FNFzFzFyFwF1FJjnFN6FcF0Yi:jHyMbPgU253B3WfzdzJZgKDnmq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a40556333b5858b32bf2004cdf27a7d7

Files

a40556333b5858b32bf2004cdf27a7d7
.exe windows:4 windows x86 arch:x86

5c3f1136573e26a9c0094c85ea5c4850

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED

Imports

cygwin1

__main
__progname
atoi
bzero
calloc
close
connect
cygwin_internal
dll_crt0__FP11per_process
exit
fflush
fprintf
free
gethostbyname
htons
malloc
memset
read
realloc
recv
select
send
sleep
snprintf
socket
strcmp
strlen
strncmp
strncpy
strstr
strtoul
vfprintf
write

kernel32

GetModuleHandleA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stabstr
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PEPACK!!
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE