b57841511862bfbd1a8719d5abbe88b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b57841511862bfbd1a8719d5abbe88b8
Size

7KB
MD5

b57841511862bfbd1a8719d5abbe88b8
SHA1

c2f5d0340ab494fa44103113a861ddbdecc11a1c
SHA256

e6f7f0de053cb13125bb46e8eabae2aef437158d6e015c4b4bd71a49c310b124
SHA512

57b49c0da05aae3929b44cef59c8dd0dee2fbb8711225d3b03197c2a7d12f13b973a551ec7422a18edc8f42ef4ee07a58e2dfe18540dc516efc55e7b708a8d81
SSDEEP

96:4er/5IyH3Bvlp1lKvzwlefR206niSlr69NW6Lot6ZLSZqq4hYhhhhhNMEv:LL59fp1VMfQ08ePSZXIcl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b57841511862bfbd1a8719d5abbe88b8

Files

b57841511862bfbd1a8719d5abbe88b8
.exe windows:4 windows x86 arch:x86

e3721f35421fb96d2c8846ca3b870402

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
ShowWindow
RegisterClassExA
PostQuitMessage
PostMessageA
MessageBoxA
LoadIconA
LoadCursorA
GetSystemMetrics
GetMessageA
DispatchMessageA
DefWindowProcA
CreateWindowExA

kernel32

GetModuleFileNameA
lstrlenA
lstrcpyA
lstrcatA
WriteFile
GlobalFree
GlobalAlloc
GetStdHandle
GetModuleHandleA
GetCommandLineA
ExitProcess
CreateFileA
CloseHandle
AllocConsole

wsock32

WSAAsyncSelect
WSAGetLastError
WSAStartup
accept
bind
closesocket
listen
recv
send
shutdown
socket

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE