71a0dd9df14ac32b68b2d72f8c20dfca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71a0dd9df14ac32b68b2d72f8c20dfca
Size

92KB
MD5

71a0dd9df14ac32b68b2d72f8c20dfca
SHA1

9d66ee80dbd329dc101f275b4d85cf4534ec4732
SHA256

e7c0ee3e9b87de80ba63dceb6789df15ccd3fe7ac5aa0e564f1691d0f0179df6
SHA512

c0074172b429e108a6b4a996673d9abd061e942a63a84171fce1677d8a0f5976931c463340e59c2cc2c9a0769c11772babe8cbcfd70df0bbc5cb9221014f1ccf
SSDEEP

1536:gnSYIS7lKce9tAF9rr7fV/6IIuz1VY4MN5a3JxSJFJvjjDHLZk:gnSYIS7le7AXrjV3hS2jSTJjDHLZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71a0dd9df14ac32b68b2d72f8c20dfca

Files

71a0dd9df14ac32b68b2d72f8c20dfca
.exe windows:4 windows x86 arch:x86

587d772e68ad005efca1637380a140fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapFree
lstrcmpA
FindClose
FindNextFileA
UnmapViewOfFile
Sleep
FindFirstFileA
lstrcpyA
FreeLibrary
VirtualAlloc
GetProcAddress
LoadLibraryA
GetVersionExA
CreateThread
lstrcatA
GetFileSize
GetCurrentProcess
CreateProcessA
WriteFile
LockResource
LoadResource
FindResourceA
CopyFileA
GetSystemDirectoryA
ExpandEnvironmentStringsA
GlobalMemoryStatus
GetSystemTime
HeapAlloc
GetModuleHandleA
GetVersion
GetEnvironmentVariableA
CloseHandle
CreateFileA
GetProcessHeap
CreateFileMappingA
MapViewOfFileEx
GetModuleFileNameA
SetPriorityClass
GetCurrentProcessId
ExitProcess
TerminateProcess

user32

wsprintfA

advapi32

RegSetValueExA
RegFlushKey
RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
GetUserNameA

ws2_32

bind
connect
htons
inet_addr
gethostbyname
socket
inet_ntoa
recv
listen
send
htonl
WSAGetLastError
__WSAFDIsSet
select
ioctlsocket
WSAStartup
closesocket
accept

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ