033410bc7e1f30eb4a2d8b55424912f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

033410bc7e1f30eb4a2d8b55424912f9
Size

64KB
MD5

033410bc7e1f30eb4a2d8b55424912f9
SHA1

2d304db3b32b9b75a14cfc3e4f74a979d6c6d5fb
SHA256

748e9beef39fb72bbc5cd11f517c3169d09f987856897f3ced4a90eeab8a3888
SHA512

970110ef81dd086460dbcb354cc484c2578050cad3c2beb18495164047e2e0a81536e06bee1a241f5f4ae43e280d2e54f6706ecfe46e61912fef0a622e71d53a
SSDEEP

768:cm23+PWF1Dx4MYddcAfUQAQAYVi5PC6kUiG+ziQxnRVGEOy89LsKNvUnJyIC7H:Zu+PeYdJcJ+iQpRZYLsKNvUkIC7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
033410bc7e1f30eb4a2d8b55424912f9

Files

033410bc7e1f30eb4a2d8b55424912f9
.dll windows:4 windows x86 arch:x86

0d4627e01ab2c57ebef7fba899a93da6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

connect
WSACleanup
recv
socket
WSAStartup
inet_addr
closesocket
htons
gethostbyaddr
gethostbyname
send

kernel32

VirtualAllocEx
VirtualFreeEx
CreateRemoteThread
WaitForSingleObject
DuplicateHandle
GetCurrentProcess
lstrlenA
GetCurrentProcessId
GetSystemDirectoryA
DeleteFileA
CreateThread
FindFirstFileA
IsBadReadPtr
CopyFileA
WideCharToMultiByte
Sleep
GetModuleFileNameA
FreeLibrary
GetModuleHandleA
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetProcAddress
VirtualProtect
VirtualQuery
WriteProcessMemory
LoadLibraryA
lstrlenW
MultiByteToWideChar
GetVersion
LoadLibraryExA
CreateFileMappingW

msvcrt

sprintf
free
malloc
strtol
_strdup
strncmp
_snprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
memcpy
_strlwr
strlen
strcat
memset
strstr
strcpy
_stricmp

Exports

Exports

input

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE