1c5630acfa3afeebb3d817b1d459419f | Triage

Sharing

General

Target

1c5630acfa3afeebb3d817b1d459419f
Size

12KB
MD5

1c5630acfa3afeebb3d817b1d459419f
SHA1

75cd41e9fb1ac2aa466a17c7582ea0e5d4138eca
SHA256

6a8c7e337ca17f3f3c99380710d2b9e7ed0e699ae7922fd72b19d7669fd838d1
SHA512

ae1351e0d92e531c569825abfd2d5947fd81668f1c96ea92171f83ae623fd983769e8f5cc16775a0b568b29e02aa62870a98b14dabe15910eb1372dc0aadea9c
SSDEEP

192:Jw6bhh8AzxIG+rdfyE2R0gPAnJO2Q2c2Lm8zN2KQ/qt9CjCY+2h96WJTCZTc:Jva3dfyE2JIJF7n68kUDwf+2h96Wz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c5630acfa3afeebb3d817b1d459419f

Files

1c5630acfa3afeebb3d817b1d459419f
.dll windows:4 windows x86 arch:x86

0c3c70cfdf796d12051611a878284af7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WinExec
CloseHandle
GetVersionExA
CreateFileA
GetFileAttributesA
GetComputerNameA
Sleep
GetWindowsDirectoryA
WriteFile
CreateThread

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyA

wininet

InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile

ws2_32

gethostbyname
gethostname
WSACleanup
connect
send
recv
inet_ntoa
WSAStartup
socket
htons
inet_addr

msvcrt

fgets
fopen
fwrite
fclose
atol
??2@YAPAXI@Z
memmove
printf

Exports

Exports

putin

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 995B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ