0028b23c7b8007de7017a79ac316afe0N[.]exe | Triage

Sharing

General

Target

0028b23c7b8007de7017a79ac316afe0N.exe
Size

48KB
MD5

0028b23c7b8007de7017a79ac316afe0
SHA1

e6ea156db20e60e3b68ddcb738d94b9757fd40b0
SHA256

6a1740c8782637034cc5d5f63a020d7038ff23bd2c0ba8868259539213975f3e
SHA512

c98b9ac2e9b70284d672ec2283f192d1558cf2400a4bf3b8ccd0415f7bc40faa1d575207b837f637516ed03dc297832b4615a2f9094947d498575ba9fb1c8a3f
SSDEEP

768:ibziR1XUJ+h0gQRrj36clUAjPe29pkMuKUEIW+S6yl8i7FH6CK:TRO+h09KcNjGCpkcR+S6yei7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0028b23c7b8007de7017a79ac316afe0N.exe

Files

0028b23c7b8007de7017a79ac316afe0N.exe
.exe windows:5 windows x86 arch:x86

3c74d0eaf418010778b05192ec97feac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_XcptFilter
_exit
_c_exit
atoi
exit
malloc
free
_iob
_write

kernel32

LocalFree
WideCharToMultiByte
FormatMessageW
GetModuleHandleA
LocalAlloc

ws2_32

htons
WSAStartup
gethostname
select
gethostbyname
WSACleanup
gethostbyaddr
htonl
sendto
inet_addr
setsockopt
bind
socket
recvfrom
inet_ntoa

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ugunorc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE