8f2552a6c39af7776d34ce51a66448e6f0f2911026dad1a4513c0120b8aebbf5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f2552a6c39af7776d34ce51a66448e6f0f2911026dad1a4513c0120b8aebbf5
Size

87KB
MD5

e8f5a09aa099c4a1661b20d69564e8ce
SHA1

a301a7d2c77a5ddd3324a79cc21d641809bf23ec
SHA256

8f2552a6c39af7776d34ce51a66448e6f0f2911026dad1a4513c0120b8aebbf5
SHA512

766df5ba45b3c48885aea0c100ce8a8a3fdaf8d30b5a819f45516d3e87b04948d1300cd8f44c451a438c2b5ac7fd8fd94fa292d6eb0867a738f2669520e9ef20
SSDEEP

1536:lBYL8mIvuYwmPt1opqIrYfLqT2VS41QgfpxdoWyrco5WhI:lBk8mIvuEPGb02TaQg+rcWWhI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f2552a6c39af7776d34ce51a66448e6f0f2911026dad1a4513c0120b8aebbf5

Files

8f2552a6c39af7776d34ce51a66448e6f0f2911026dad1a4513c0120b8aebbf5
.exe windows:4 windows x86 arch:x86

c825d892ec1994311831ac7bb64ddf1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSAGetLastError
recv
socket
connect
send
closesocket

kernel32

Sleep
LoadLibraryA
GetProcAddress
TerminateThread
lstrlenA
MultiByteToWideChar
ExitProcess

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE