Static task
static1
Behavioral task
behavioral1
Sample
4df21101feb0782ba6dd3f709f714896.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4df21101feb0782ba6dd3f709f714896.exe
Resource
win10v2004-20231222-en
General
Target
4df21101feb0782ba6dd3f709f714896
Size
80KB
MD5
4df21101feb0782ba6dd3f709f714896
SHA1
1aa36847ee02b45c4da0a317319090b0fcd90280
SHA256
ec847e4795af920643df0c4dd80d44321b9c5985b572e6d4245310b0b4842d32
SHA512
d20c87731e17085298cd20b21f93b89f0b57aee523b34ce8b1dc081cd16776bc9ca6eebbfc59661ce76f6aff85c660effd451d49ffef7a6514b1e176fbd9cacf
SSDEEP
768:u+jkYdmgAmOKTji0N6/Qvl81nJOlRQGps6xq5wXYlJQBWq7kMFmB/R3OQfdYUky5:u4urQ6/el8zyR/cwXYpDCIOOWnToIfd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4df21101feb0782ba6dd3f709f714896
Files
4df21101feb0782ba6dd3f709f714896.exe windows:4 windows x86 arch:x86
78d229eac6ab6995c9f3f1925a4292e8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
bind
listen
accept
inet_addr
gethostbyname
htons
connect
closesocket
socket
WSAStartup
send
recv
shlwapi
wnsprintfA
StrStrIA
StrStrA
advapi32
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
CryptGenKey
CryptExportKey
kernel32
CloseHandle
CreateThread
CreateMutexA
FileTimeToSystemTime
GetLastError
TerminateThread
Sleep
ExitProcess
GetTickCount
HeapFree
IsBadWritePtr
WaitForSingleObject
GetCurrentThreadId
ReleaseMutex
ExitThread
GetProcessHeap
lstrlenA
HeapAlloc
HeapReAlloc
Sections
.text Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ