Static task
static1
Behavioral task
behavioral1
Sample
fa1b5f0cefd605f8a2c7d0a6d8ec6d2b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
fa1b5f0cefd605f8a2c7d0a6d8ec6d2b.exe
Resource
win10v2004-20231215-en
General
Target
fa1b5f0cefd605f8a2c7d0a6d8ec6d2b
Size
108KB
MD5
fa1b5f0cefd605f8a2c7d0a6d8ec6d2b
SHA1
99c2464b7e8ef4ad4d75ba665e038e2f0160ecc6
SHA256
7f040b444f7197e7218249563e3455e326cc190aee7b5cfe4c0228ee7fb2292b
SHA512
a8f313d8755bf4fdb2b344bca3d50663b02055dcb3c227abc7af9e108b01c54e26532201503663f44f53afa9fc2aa06c4007aca2dc124ae7573313999703f066
SSDEEP
3072:+ZxdlblJ7D4msDF9up+EhwtK1vSW72e6eaa1I:+Zxdl5VHsDFIp+Ywmh6
Malware Config
Signatures
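Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. Benign executables are often unsigned as well, so this match alone is a weak indicator and needs corroboration from other findings.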
resource fa1b5f0cefd605f8a2c7d0a6d8ec6d2b
Files
fa1b5f0cefd605f8a2c7d0a6d8ec6d2b.exe windows:4 windows x86 arch:x86
d5039bc4fadbe32659d2b1d2451580c4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeBeginPeriod
timeGetTime
netapi32
NetApiBufferAllocate
NetMessageBufferSend
NetApiBufferFree
NetpIsRemote
msvcrt
_ultoa
strrchr
_wcsicmp
free
_adjust_fdiv
wcschr
wcscpy
strchr
wcscmp
_except_handler3
_itoa
wcscat
_initterm
wcsncpy
wcslen
malloc
traffic
TcEnumerateFlows
kernel32
Beep
VirtualAlloc
Sections
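.textbss Size: - Virtual size: 800KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .textbss reports no raw size on disk and is flagged as code that is readable, writable and executable. That layout is seen in packed samples that write code into the section at run time, and also in MSVC incremental-link builds, so check it against the behavioral tasks before drawing a conclusion.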
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 432B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 174KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ