Static task: static1
Behavioral task: behavioral1 (Sample: logresolve.exe, Resource: win7-20240221-en)
Behavioral task: behavioral2 (Sample: logresolve.exe, Resource: win10v2004-20240221-en)
General
Target: logresolve.exe
Size: 20KB
MD5: ed37fbf5f431961d0db47596655e0e88
SHA1: d27abaed6469d5b1dc7b53052e9d453091d68768
SHA256: 10619adf953ddcdc73cfad1f486f603b40f79f330c594906665d5d42716adbeb
SHA512: 9d079fe8fc4018c9d862615b74049059a99c9e29c8e7ef8d00de138053864fb8871703a72f925ff07eb63fddb48ccd65d6d230244c1ece235d0362d3d736eaa3
SSDEEP: 192:AWhFYQD4tLdr0GCisC8uiXTrzDNoyn3BOqgU1:fVD4Xr0GChtfz5loqgU1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource logresolve.exe
Files
-
logresolve.exe.exe windows:4 windows x86 arch:x86
7e352245753978dcd7f4fce728c7e977
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
gethostbyaddr
WSAGetLastError
inet_addr
gethostbyname
WSAStartup
ioctlsocket
WSACleanup
msvcrt
free
_controlfp
_except_handler3
__set_app_type
__p__fmode
fclose
fopen
printf
puts
strchr
_pctype
exit
fprintf
_iob
__mb_cur_max
_isctype
strncpy
_strdup
perror
malloc
fgets
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 790B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ