Static task
static1
Behavioral task
behavioral1
Sample
c81605783c697ef783133837014b5383.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c81605783c697ef783133837014b5383.exe
Resource
win10v2004-20231215-en
General
-
Target
c81605783c697ef783133837014b5383
-
Size
20KB
-
MD5
c81605783c697ef783133837014b5383
-
SHA1
15b10932d50d4524938fc3fae343366f7768a7c1
-
SHA256
48e7bd652ad9cb0bded0ea197d8eca496771b336d7e0bebd4255a86d4d18a8ce
-
SHA512
70df88cd927a43713adba843573c611e7d87b7bfc1475aadf3b617b932b3c4fcc183f2b76c24f35b74c82730bd9fb573e5a11ef25faf2255ce63c6ca90012efa
-
SSDEEP
96:w2VJPTHPso/QhHaR+P0SoXl4WrrIVsArrIQ/7j+t1I168:L3PTIkKoXycwHji
Malware Config
Signatures
-
Unsigned PE 1 IoCs
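The sandbox's static check found no Authenticode signature on this PE file. On its own this is a weak indicator, since many legitimate executables are also unsigned.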
resource c81605783c697ef783133837014b5383
Files
-
c81605783c697ef783133837014b5383.exe windows:4 windows x86 arch:x86
57fc16c916924f582298628d77319275
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
strcpy
malloc
free
_onexit
strtok
strcmp
sprintf
srand
rand
strlen
__dllonexit
ws2_32
socket
WSAStartup
gethostbyname
htons
connect
recv
closesocket
WSACleanup
send
kernel32
Sleep
GetLocaleInfoA
GetTickCount
ExitProcess
MoveFileExA
GetModuleFileNameA
Sections
.text Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 590B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 4KB - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE