Static task: static1
Behavioral task: behavioral1
  Sample: 53135279da7510d6e545cafe6ae9b187.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 53135279da7510d6e545cafe6ae9b187.exe
  Resource: win10v2004-20231222-en
General
Target: 53135279da7510d6e545cafe6ae9b187
Size: 192KB
MD5: 53135279da7510d6e545cafe6ae9b187
SHA1: bafc629349aba86757513280d8f94017eea9f9be
SHA256: 53ed7185b1d7417eeb34b6d33aee7659216f7564d3075997d4f2593de5509c91
SHA512: 2e0553f785165e326a019625494fa939fec50b21e567d3d19b0ae39f58c90a3d5fa5680ec70f87a011969db91ff3392eab3108f895b6a6ace194776e6fb91e86
SSDEEP: 3072:cH69DiMTdgP6RvRP5VwYznpDBTvWwvbSlJHy/r/zMJmd7DMXj3S/Z:Jh3CSR1Q6LTvNvySj/zCgDMe
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 53135279da7510d6e545cafe6ae9b187
Files
53135279da7510d6e545cafe6ae9b187.exe windows:5 windows x86 arch:x86
1a184f33624194ad8185f04727ea2c79
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
ntdll: NtUnmapViewOfSection
ws2_32: inet_ntoa, WSAStartup, inet_addr, WSAConnect, htons, WSACleanup, recv, gethostbyname, send, WSASocketA
wininet: InternetGetConnectedState
kernel32: HeapAlloc, CloseHandle, HeapFree, WriteFile, CreateFileA, SetFilePointer, GetProcessHeap, ExitProcess, GetCommandLineA, GetStartupInfoA, GetModuleHandleA, DeleteFileA
user32: wvsprintfA
Sections
.text Size: 96KB - Virtual size: 95KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 74KB - Virtual size: 73KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 21KB - Virtual size: 21KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE