PC_LP[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PC_LP.exe
Size

72KB
MD5

4388dd9f4cd98db1eab4e08f72ad7d6a
SHA1

55ee8b76a31faa4c3becb73eea083bfbadca774c
SHA256

3a505c39acd48a258f4ab7902629e5e2efa8a2120a4148511fe3256c37967296
SHA512

4704b0f81aa7e8b47ec852c6a0a61dfc13a5f92e5d63ff47d1c461d9115b04dc421cceef6bbe4066b61a7042168607e45e500f06c548901818937a4abcccce3c
SSDEEP

768:T9qJbLffCt8PaG1hasmoVXX8yzONJ1/j33UdFK:6it8PaG1hCWXX8fbIg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PC_LP.exe

Files

PC_LP.exe
.exe windows:4 windows x86 arch:x86

31fadb2f3725f938fcba4e348eca5030

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getpeername
getsockname
inet_addr
inet_ntoa
ntohs
socket
WSASetLastError
send
recv
ioctlsocket
listen
connect
closesocket
bind
accept
WSAStartup
htons
WSAGetLastError

kernel32

GetCurrentThread
GetModuleHandleA
GetLocalTime
SetLastError
FormatMessageW
WideCharToMultiByte
MultiByteToWideChar
GetStdHandle
SetConsoleScreenBufferSize
SetConsoleTitleA
FreeLibrary
GetProcAddress
LoadLibraryW
Sleep
ResumeThread
CloseHandle
TerminateThread
SuspendThread
GetCurrentDirectoryW
CreateDirectoryW
GetLastError
SetCurrentDirectoryW
CreateProcessW
GetModuleFileNameW

msvcr71

_fdopen
strncat
fwrite
_close
_wopen
wcsncpy
strncpy
sprintf
??1type_info@@UAE@XZ
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___winitenv
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
__dllonexit
_onexit
_controlfp
wcscpy
strcpy
_vsnwprintf
malloc
strlen
free
_wtoi
memset
wcsncat
_snwprintf
wcslen
wcschr
vwprintf
vfwprintf
fwprintf
fclose
_beginthreadex
_iob
fflush
wscanf
swscanf
_except_handler3
??_V@YAXPAX@Z
memmove
??2@YAPAXI@Z
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??3@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_wcsicmp
_vsnprintf

msvcp71

??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

31fadb2f3725f938fcba4e348eca5030

Headers

File Characteristics

Imports

ws2_32

kernel32

msvcr71

msvcp71

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 332B

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 332B