payload-x86[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

payload-x86.exe
Size

3KB
MD5

639a795f6c250435e0dda5673b99461c
SHA1

0c6de3932e9c19e55d89a2f0cd69b6ff73732060
SHA256

10fb5dde4e9bc950d9c10d5d01c36ffc53bc12da0cecfdae7ee91641f76ad25a
SHA512

fa7d99d40b770058d41b50662de042b88cb9f1d5a9ca642ca456d7bf73370d849622f5e98e06bbd9db7b091e1f2cecfcc6cf86c848d0ded827d02871ca22a869

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
payload-x86.exe

Files

payload-x86.exe
.exe windows:4 windows x86 arch:x86

97c6f7bdf42991e9082f7210821d1a51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSAStartup
socket
gethostbyname
inet_ntoa
inet_addr
htons
connect
recv

ntdll

atoi

kernel32

VirtualAlloc
Sleep

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ