d35222dec1c55ad24f56496b1b375726 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d35222dec1c55ad24f56496b1b375726
Size

5KB
MD5

d35222dec1c55ad24f56496b1b375726
SHA1

e9701b0b1f80d5b1d2922eb703fc9a4f10bd053f
SHA256

87a31951c40efb54706ed8b56ed30d562d48ddc8a9e7b5c0380dda8ad9fef4d3
SHA512

8bcce6600aa3e6550604058197d76ce4726c8fc1f11cb372b85dcb12e1687ef9ec0ed8afe1083740f05a6dd2056bba2c9b233d2d25625705cb3d6b2d93a65377
SSDEEP

96:FP4xY+hzlVeJw4kzJMCT18BU2NN1V6OKpcyGaeL7iXhosP45KjH4A:FPYN3Vuw4klM5BjcOKiyGaeWPAKz4A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d35222dec1c55ad24f56496b1b375726

Files

d35222dec1c55ad24f56496b1b375726
.exe windows:4 windows x86 arch:x86

469a39c0643c4b16567c86c07246de69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
gethostbyname
WSAStartup
WSACleanup
socket
htons
connect
send
recv
shutdown
closesocket

kernel32

WriteFile
GetTickCount
lstrcatA
lstrlenA
lstrcpynA
GetCommandLineA
SetFilePointer
ReadFile
ExitProcess
GetSystemDirectoryA
VirtualAlloc
VirtualFree
CreateProcessA
GetEnvironmentVariableA
CloseHandle
GetModuleFileNameA
CreateFileA
GetTempPathA

user32

wsprintfA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ