20335ab6ae8d9ed0cee1e4c1f461f1bc | Triage

Sharing

General

Target

20335ab6ae8d9ed0cee1e4c1f461f1bc
Size

488KB
MD5

20335ab6ae8d9ed0cee1e4c1f461f1bc
SHA1

cb10dbc2606e47a7be664f46080c2d7a86b75fdd
SHA256

e11d3ed7288bae9560c7ec77a509aa51d2c895164c64b894ae10f68d12b56025
SHA512

333978fd97060e93cff373b6208453e55afaddbf8e28cffcf22e2edcfb4953a3950069afd397c325b652ca4c90d1c9366697bc076ed85a78a9851d4bb9636525
SSDEEP

6144:x1gNhvTLFP+c7s/0I/hOi5m1SSrwzJ3MquRw4bD09REOYzxPIvOBYtdzd8WaPoh0:x1gPvTJP+ss/0Ioi5IOWPmtnBTm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20335ab6ae8d9ed0cee1e4c1f461f1bc

Files

20335ab6ae8d9ed0cee1e4c1f461f1bc
.exe windows:4 windows x86 arch:x86

825b0e7b30a074fd336730e29f34376c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cygwin1

accept
alarm
atof
atoi
atol
bind
calloc
close
connect
__errno
dll_crt0__FP11per_process
dll_dllcrt0
dll_noncygwin_dllcrt0
exit
fclose
fcntl
fflush
fgets
fopen
fork
fprintf
free
fseek
gethostbyname
getpid
getsockname
htonl
htons
inet_addr
inet_ntoa
listen
__main
localtime
malloc
memcpy
memset
ntohl
ntohs
pclose
popen
printf
rand
read
realloc
select
setsid
setsockopt
signal
sleep
socket
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncasecmp
strncmp
strncpy
strpbrk
strrchr
_exit
strstr
strtok
system
time
unlink
vsprintf
write

kernel32

GetModuleHandleA

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 55KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.stabstr
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ