Static task: static1
Behavioral task: behavioral1
  Sample: 5a4556fe5ece936921a2a7b3b561b2f0.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 5a4556fe5ece936921a2a7b3b561b2f0.exe
  Resource: win10v2004-20231222-en
General
  Target: 5a4556fe5ece936921a2a7b3b561b2f0
  Size: 9KB
  MD5: 5a4556fe5ece936921a2a7b3b561b2f0
  SHA1: 711e95c71a594ff0c6003d00f0ead48f4e2911ff
  SHA256: 7df35e5eb1577924739804d2e11194ebf43bf4e0960621579ecdcb8864ad40d4
  SHA512: 3323e6fb856fd20e1505219135c03a73f73e028d7eed8fc3022fc12d72a1484fcee86dc9e39e335c1d1905641310d638d808956219ff15562eaf6b2b08ccb1ff
  SSDEEP: 96:nPSiqXRHLLVZuVaba1BZz4wxl3lttZ7L:nqiqXRrLVZuVKa1Bt4YztZ/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a4556fe5ece936921a2a7b3b561b2f0
Files
5a4556fe5ece936921a2a7b3b561b2f0.exe windows:1 windows x86 arch:x86
e9e7692653058192960199ec72231aad
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_BYTES_REVERSED_LO
  IMAGE_FILE_32BIT_MACHINE
  IMAGE_FILE_BYTES_REVERSED_HI
Imports
  wsock32
    htonl
    connect
    recv
    htons
    send
    gethostbyname
    accept
    select
    listen
    inet_addr
    WSAStartup
    socket
    bind
    closesocket
  kernel32
    GetModuleHandleA
    GetModuleFileNameA
    lstrcat
    WinExec
    ExitProcess
    GlobalAlloc
    GetWindowsDirectoryA
    CopyFileA
  advapi32
    RegSetValueExA
    RegCloseKey
    RegCreateKeyExA
  user32
    PostMessageA
    FindWindowA
    ExitWindowsEx
Sections
  CODE Size: 1KB - Virtual size: 4KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  DATA Size: 5KB - Virtual size: 8KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .idata Size: 1024B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .reloc Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ