Static task
static1
Behavioral task
behavioral1
Sample
cac9b6cdc85521327e784233f8e253ea.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cac9b6cdc85521327e784233f8e253ea.exe
Resource
win10v2004-20240226-en
General
-
Target
cac9b6cdc85521327e784233f8e253ea
-
Size
8KB
-
MD5
cac9b6cdc85521327e784233f8e253ea
-
SHA1
f32f572f3695101d5b478a4800df89e06f877935
-
SHA256
993138e745e99572c55a2fa1c22652dbbf51a856dd4d4d8dae9254d9d964ef8c
-
SHA512
02e3da3b81039025c28c076b731f84ff27673b2b2e97dd0366da67f8d4f65d92793ed3184692054453920499e9fa755d9b1f7674d49da24018cafa36680a51fd
-
SSDEEP
96:untFkMVfybqCuXIziHMoAgKM9D9SKP4fmUB3Pbrfj53RYMZNxu3fn2O1JiWMlice:YTBAmtXmQMe5PwB3jx3RY0Nuf2OifRGX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Sandbox static check for a missing Authenticode signature; the PE file listed below is not signed.
resource cac9b6cdc85521327e784233f8e253ea
Files
-
cac9b6cdc85521327e784233f8e253ea.exe windows:1 windows x86 arch:x86
b1f50a0da0de83eca0ba42e845d6a564
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
htons
inet_addr
inet_ntoa
listen
ntohs
recv
select
send
socket
kernel32
GetCurrentThreadId
InitializeCriticalSection
LeaveCriticalSection
RtlUnwind
CreateThread
EnterCriticalSection
crtdll
_iob
__GetMainArgs
atoi
exit
fclose
fopen
fprintf
fputs
fwrite
printf
raise
signal
strcmp
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 240B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 88B - Virtual size: 88B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE