8def4bc2b750561c7af1bb6b7eccec42 | Triage

Sharing

General

Target

8def4bc2b750561c7af1bb6b7eccec42
Size

51KB
MD5

8def4bc2b750561c7af1bb6b7eccec42
SHA1

1bcd90ee71bf6729f0a943bb604e28daf8dacde1
SHA256

f1ba2a7e6e3c0006db6496c582b7438a497ed729a03c8d2a181a6a5b1a2563da
SHA512

7c4aa1d381f5d0526ba15f1bd10e4b95e01b1e34e37218e93ad5ebef6436d2ef9b823c25083f7a42a5acb1298c40fdb4c5cc2c566563bc6040be82285db9e021
SSDEEP

768:iLQls/DuLnv9Ss4/nNFU+SULh6/cFGSuh7KEeP6umT3xE3yYlxdxqpf:HlsqL0s4/NFU+SM0/cFLw0SlBeyYPw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8def4bc2b750561c7af1bb6b7eccec42

Files

8def4bc2b750561c7af1bb6b7eccec42
.exe windows:4 windows x86 arch:x86

aa40f0ee5b9946a9515f2b777acdda65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

GetAcceptExSockaddrs
rexec
shutdown
dn_expand
__WSAFDIsSet
WSASetLastError
WSACleanup
WSAAsyncGetServByPort
htonl

msvcrt

?unexpected@@YAXXZ
_Gettnames
__dllonexit
__unDName
??_U@YAPAXI@Z
_CItanh
__doserrno
__p__osver
_adj_fdiv_m32i

user32

AnyPopup
CheckMenuItem
CheckMenuRadioItem
CloseWindow
CopyRect
CreateIcon
DragDetect
DrawEdge
EndPaint

wininet

DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
FreeUrlCacheSpaceA
FtpDeleteFileA
ForceNexusLookupExW
GopherCreateLocatorA
HttpAddRequestHeadersA
IncrementUrlCacheHeaderData
InternetAutodial

Sections

.text
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE