5b1aed87c317c5146508479aa1e33063 | Triage

Sharing

General

Target

5b1aed87c317c5146508479aa1e33063
Size

8KB
MD5

5b1aed87c317c5146508479aa1e33063
SHA1

d12c87e32c688695673c69242742fd7dba5e3a83
SHA256

a5787d57af49cbeae3fe2d85decfd258b093b2be5b17277bcef0f0175522e1eb
SHA512

53a045fd545b488b6c307bc8415b3c5cec158c4d69d7276e65ec1572853f84646554b6a03bb3f2d96171d2a5503ca146402452cdb6045abd2ce8828dae135f13
SSDEEP

192:/XPXYrE1ynwzm4+1HyvwSlx3o9Kynwzm4+1HyvwS7:3WEIPyz3o93Pyz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1aed87c317c5146508479aa1e33063

Files

5b1aed87c317c5146508479aa1e33063
.exe windows:4 windows x86 arch:x86

1dd49a4d8941e6b42fd93d22ca472422

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GlobalAlloc
GlobalFree
Sleep
GetCommandLineA
ExitProcess
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind

ws2_32

connect
shutdown
gethostbyname
WSACleanup
accept
listen
bind
htons
WSAStartup
closesocket
recv
send
socket

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ