5baa656d109863675d1cf56d209e67dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5baa656d109863675d1cf56d209e67dc
Size

4KB
MD5

5baa656d109863675d1cf56d209e67dc
SHA1

cb415d0e7fbdbf84ccebea5f9e5cbd915c046236
SHA256

d3513334ea982150ebcbfea7499bc915d31202540491ca77b7bd362ad62f57f4
SHA512

9e09cdd5c48df61a8f48d51699d643656c847d456ebb292585c85ebd1ab8044805b26a3eec7377e856efae9620bd160395e8af746e1dde37530efbf972df846a
SSDEEP

96:Uo+mMN2aPFujeXkoUmHzrL+0o/Hd2VyXQa+sB:r+mWsjfiTeLfd2c0c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5baa656d109863675d1cf56d209e67dc

Files

5baa656d109863675d1cf56d209e67dc
.exe windows:4 windows x86 arch:x86

fc5360056ecf3a9c4509b74e50db40ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateThread
GetCommandLineW
lstrcpynA

shell32

StrChrA
StrStrA
StrCmpNA
CommandLineToArgvW

ws2_32

connect
closesocket
socket
__WSAFDIsSet
select
send
recv
accept
listen
bind
WSAStartup
inet_addr
gethostbyname
htons

shlwapi

StrToIntW
StrToIntA

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE