2a92d1ec348a8f6cccbc2c7359ae1f54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a92d1ec348a8f6cccbc2c7359ae1f54
Size

18KB
MD5

2a92d1ec348a8f6cccbc2c7359ae1f54
SHA1

6567b33a3dd416e7ff063f7707ca8c35619a6dbd
SHA256

b9c5d86bce605504e7d348be5e62ce06408bdb7d5edb01993ac3231bcab39e80
SHA512

8733023f2801b79217ed911051fbd6fb1a533440d6f6fa018b9fd871699e8fc93bcce3b1afc9bda2e77a0d80ff413d10e6c8831514586be9520119434f6f835f
SSDEEP

192:o7t7hE753WZoNr3lVO3OphgDqse1lj0Z0NpZ4kvD+2OZS6ZpZ9QRyPORG2TWhC0L:o7JCp8oNrnO3gWe1BDXvDDO02QRZXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a92d1ec348a8f6cccbc2c7359ae1f54

Files

2a92d1ec348a8f6cccbc2c7359ae1f54
.exe windows:5 windows x86 arch:x86

58531ab12319b578ce9250a93e7c1306

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
lstrlenA
WriteFile
GetProcAddress
CloseHandle
HeapFree
GetTickCount
GetProcessHeap
GlobalAlloc
Sleep
lstrcatA
GlobalFree
GetTempFileNameA
LoadLibraryA
GetModuleHandleA
lstrcpyA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsDebuggerPresent

user32

wsprintfA

netapi32

Netbios

ws2_32

htons
WSAStartup
WSACleanup
WSASocketA
recv
closesocket
gethostbyname
connect
send

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ