1392fbd60552f3fffdb8ffb807ba5da0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1392fbd60552f3fffdb8ffb807ba5da0
Size

62KB
MD5

1392fbd60552f3fffdb8ffb807ba5da0
SHA1

4b06e6b91a3c31e20d51c762ff08e226e63b2181
SHA256

291a284fbe5ca62422bc321540db02afae6a7d2cb79b932cb3b1989820c44917
SHA512

d027f743bb57c51291f0788ca27ca20005b7f017af4dd321487c92c0ad8d9e42f5f64c95d3a56d6ef36f41cd268182f5b091b76152faeed02e7392aa1e90e0e5
SSDEEP

768:GwfJuSUljbwCrdXo78sZb1McGntfK/cGue66RHhN7sv4Z4VY8JnwbP:9uxPwCWqtKklJ6RBZsvU2JnwbP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1392fbd60552f3fffdb8ffb807ba5da0

Files

1392fbd60552f3fffdb8ffb807ba5da0
.exe windows:4 windows x86 arch:x86

01b6475f18fb7a47322cfdf48c52d98c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetVolumeInformationA
GetTempFileNameA
GetModuleFileNameA
GetTempPathA
CreateProcessA
Sleep
Process32Next
DeleteFileA
TerminateProcess
CloseHandle
OpenProcess
Process32First
CreateToolhelp32Snapshot
ExitProcess
GetCurrentProcessId
GetTickCount
CreateThread
GetLastError
CreateMutexA
WinExec
SetErrorMode
GetStartupInfoA
GetModuleHandleA

ws2_32

socket
htons
connect
closesocket
WSAStartup
gethostname
gethostbyname
WSACleanup
send

psapi

EnumProcessModules
GetModuleFileNameExA

msvcrt

_strcmpi
_itoa
_strdup
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
atoi
strlen
fclose
strcat
fgets
strcpy
fopen
malloc
strstr
fputs
rand
strrchr
strcmp
fwrite
ftell
fseek
memset
sprintf
strtok
printf
srand
__p___argv
__p___argc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_unlink

Sections

.bss
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE