da24e2f9b662760b6bfdd64ac3952269a963771cc202c39a2b6fc9e07897d873 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da24e2f9b662760b6bfdd64ac3952269a963771cc202c39a2b6fc9e07897d873
Size

9KB
MD5

feeb28ac2e2112b2ed3ff9d3bb563a44
SHA1

29940a53e530048d48769279ef3f1ec5279e2997
SHA256

da24e2f9b662760b6bfdd64ac3952269a963771cc202c39a2b6fc9e07897d873
SHA512

722aae30c9508d9c989540e0cc22ed38c45c18c04f84b2f0f7c5b66ada93812089b5f1c6f4b1d09b92d43e0da7e5538ccec9298f1177fbba1e68996524d4779d
SSDEEP

96:8mmUy/AykDKa9X76qGlTchTnmFxPWO6/D//joCWPTFEjHfje0H1OGIfZ9jOEp6VA:fPHaWOI/eSNO5Z9X6NxpVN9ctl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da24e2f9b662760b6bfdd64ac3952269a963771cc202c39a2b6fc9e07897d873

Files

da24e2f9b662760b6bfdd64ac3952269a963771cc202c39a2b6fc9e07897d873
.exe windows:1 windows x86 arch:x86

9c7b8ebf4470b962ea2b94da126d9509

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAAsyncSelect
WSAStartup
accept
bind
closesocket
connect
gethostbyname
htons
inet_addr
listen
recv
send
shutdown
socket

shell32

ShellExecuteA

kernel32

FreeLibrary
GetCommandLineA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
LoadLibraryA
RtlUnwind
RtlZeroMemory
lstrlenA

user32

UpdateWindow
LoadCursorA
LoadIconA
SetTimer
KillTimer
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
CharUpperA
RegisterClassExA
PostQuitMessage
ShowWindow
CreateWindowExA
DestroyWindow
DefWindowProcA

crtdll

__GetMainArgs
atoi
exit
free
malloc
memcmp
memcpy
raise
signal
sprintf
strchr
strcpy
strlen

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 660B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE