341073853e649aa57397b99184d1175a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

341073853e649aa57397b99184d1175a
Size

60KB
MD5

341073853e649aa57397b99184d1175a
SHA1

0237ed19f1246e0adf369cad17a4857988d7a12b
SHA256

83f15294a94a7312c3e0376c1cdfc03da824753c8db201b2553dbf7972e7656a
SHA512

1370886616f39b412a9d90b0d91cf2e0b0d435e51dafd486bfc3679bd41301a4c03cc2263deb143a46f121b9bc02ce76ba6314141b89208a0a9bc2788cb1928f
SSDEEP

768:3iM8d+fpYvwnF9wCPstYHazotGOJ0sRIfLlb1F9xzfEh4THM:Rk+xYUbwcUochsRIxFffEhP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
341073853e649aa57397b99184d1175a

Files

341073853e649aa57397b99184d1175a
.exe windows:4 windows x86 arch:x86

f1b42916bac33fe8be30d1db4460638e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

wsock32

WSAStartup
closesocket
connect
gethostbyname
htons
ntohl
ntohs
recv
select
send
socket

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

AddAtomA
CloseHandle
CreateFileA
CreateMutexA
DeleteFileA
ExitProcess
FindAtomA
FindFirstFileA
FindNextFileA
GetAtomNameA
GetDriveTypeA
GetLastError
GetLocaleInfoA
GetSystemTime
GetWindowsDirectoryA
ReadFile
SetUnhandledExceptionFilter
Sleep
WriteFile
lstrlenA

msvcrt

_close
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_filbuf
_iob
_onexit
_setmode
abort
atexit
exit
fclose
fgetc
fopen
fputc
fputs
fread
free
fseek
ftell
fwrite
malloc
memcpy
memset
rand
signal
srand
strcat
strcmp
strcpy
strlen
strncat
strncpy
system
time

Sections

Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE