bc43dfd5aa6f919430ff160f51de854e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc43dfd5aa6f919430ff160f51de854e
Size

15KB
MD5

bc43dfd5aa6f919430ff160f51de854e
SHA1

334d7355ad4a80c387b6c094ecea6982708ecf19
SHA256

33dee3d35c26c80e0d3f50f56e9a3448f61c53d50907b569fae2e5ea394a52fa
SHA512

2cb76bf344018bf94a37ab4caf0ef2fc41f0729dc798818d9c376955fb91b9e084d5d044855762366a0ad02187ceb3d99b9f4f27579413108ca9125b402f6dd2
SSDEEP

192:HE47hE753uSReZMDalcT0ZJ5+lOIJ4PoFZ9cRuPDciTGC2y0qPXc1lP0:HE2CpuuI5xoOU4LRw5PXcns

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc43dfd5aa6f919430ff160f51de854e

Files

bc43dfd5aa6f919430ff160f51de854e
.exe windows:5 windows x86 arch:x86

58531ab12319b578ce9250a93e7c1306

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
lstrlenA
WriteFile
GetProcAddress
CloseHandle
HeapFree
GetTickCount
GetProcessHeap
GlobalAlloc
Sleep
lstrcatA
GlobalFree
GetTempFileNameA
LoadLibraryA
GetModuleHandleA
lstrcpyA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsDebuggerPresent

user32

wsprintfA

netapi32

Netbios

ws2_32

htons
WSAStartup
WSACleanup
WSASocketA
recv
closesocket
gethostbyname
connect
send

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ