b41a8bb984885f074d0ea1001bf294a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b41a8bb984885f074d0ea1001bf294a1
Size

2KB
MD5

b41a8bb984885f074d0ea1001bf294a1
SHA1

0155e202f07351a597572637217d682ebf2eb10c
SHA256

1276c7deda9111afb42e39d6357879721c25bde4862fc9baafc9a6c79fc56fe0
SHA512

02edd02742040c5f18528089d8cf25bdfc10a57edc3b752cad47bd824cfd16efae7765a4b6acdcfd5ca892a977625736b415a5693ba7f1be8fa977a8c142f4d6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b41a8bb984885f074d0ea1001bf294a1

Files

b41a8bb984885f074d0ea1001bf294a1
.exe windows:4 windows x86 arch:x86

0755f93914a7948c48a12a20b64f29e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ReadFile
CloseHandle
WriteFile
CreateFileA
WinExec
GetModuleFileNameA

user32

wsprintfA

ws2_32

WSACleanup
closesocket
recv
send
connect
htons
gethostbyname
socket
WSAStartup

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 192B - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE