87356b524a911233223b21a66e6790b0 | Triage

Sharing

General

Target

87356b524a911233223b21a66e6790b0
Size

7KB
MD5

87356b524a911233223b21a66e6790b0
SHA1

b1830022caf290073defb837eb4b99651c5544a0
SHA256

e8b52c80e316a2b443ccc9131e5807005f4e1c119cdc545a1ffc60b0dee28bde
SHA512

4f11c2f62128023f9b58f82a74f25601306b169bdcebf197db06d20f44d5958fd3a822069879118f9daba7df9286426c2d6b8927a42e406968e5d2f1435fab3f
SSDEEP

192:P7QC2uh/sibFRFYeaHTKzKGIru98l47Yb:PERl2zzaGOGIu997Yb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87356b524a911233223b21a66e6790b0

Files

87356b524a911233223b21a66e6790b0
.exe windows:5 windows x86 arch:x86

637c41996b90c582c18632d48231fe4d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
socket
closesocket
connect
htons
inet_addr
gethostbyname
send

kernel32

GetLastError
WriteFile
MoveFileExW
CreateProcessW
CreateMutexW
GetProcessHeap
GetSystemTime
FindFirstFileW
lstrlenA
WideCharToMultiByte
lstrcmpW
lstrlenW
FindClose
FindNextFileW
LoadLibraryW
GetProcAddress
GetFileSize
MapViewOfFile
CreateFileW
CreateFileMappingW
CloseHandle
GetVersionExW
GetModuleFileNameW
GetWindowsDirectoryW
ExitProcess
HeapReAlloc
HeapAlloc
HeapFree

user32

wsprintfW
wsprintfA

advapi32

GetUserNameW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE