5ae632bb476dbcfe56e94fd84bf626c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ae632bb476dbcfe56e94fd84bf626c6
Size

4KB
MD5

5ae632bb476dbcfe56e94fd84bf626c6
SHA1

02a0183b8cd47dddd860c22d67f65f5f6fcb3b31
SHA256

b04a875ccbe1c9f481b39e9758c37ad42bcc6a293c3b73703589bbe16f190f7d
SHA512

13c73b5ac5c46177dc4b7cfa72cc189af3d9a8f8e0a8b93146585c5718e04f1a8ad49e4fb7112bc226f1dda4124c8dcfed7d3fe655ae7aaa05895c72ebfda0ce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ae632bb476dbcfe56e94fd84bf626c6

Files

5ae632bb476dbcfe56e94fd84bf626c6
.exe windows:4 windows x86 arch:x86

d8901477e8c7975ef7f86a78c416277f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetStartupInfoA
CloseHandle
WriteFile
CreateFileA
lstrlenA
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree

ws2_32

closesocket
connect
socket
WSAStartup
bind
getsockname
htons
send
recv
gethostbyname

shell32

SHGetFolderPathA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE