23bb5a8b12bcabeef65aea4802adb3b6a91609177f6e96befd35b82312f8d17c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23bb5a8b12bcabeef65aea4802adb3b6a91609177f6e96befd35b82312f8d17c
Size

19KB
MD5

b3f34f3a3218bea9208a7525a657b472
SHA1

cc3f4892716f899f31986ccb01df8915c3238395
SHA256

23bb5a8b12bcabeef65aea4802adb3b6a91609177f6e96befd35b82312f8d17c
SHA512

cd447e3978f16cdb636d367cbbcccd7aeadd311c37edb2669b8b8d86e0c837ad2e6373098100f1a7d4745acf064dd6c3069e471b5f1632cddb3a4e2f350959c3
SSDEEP

384:ORA7UzsQ9wxW16ZKZ7Qxts1XUD3WgxX8WJWLxU+WO:OIEJ9whs1XUDlFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23bb5a8b12bcabeef65aea4802adb3b6a91609177f6e96befd35b82312f8d17c

Files

23bb5a8b12bcabeef65aea4802adb3b6a91609177f6e96befd35b82312f8d17c
.exe windows:5 windows x86 arch:x86

f5c5a600dd3250ceec878e3b397a9b62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalAlloc
WideCharToMultiByte
FormatMessageW
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
SetThreadUILanguage

msvcrt

__set_app_type
_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_write
__getmainargs
__initenv
_cexit
_XcptFilter
_exit
_c_exit
atoi
exit
malloc
free
_controlfp
_iob
_initterm

ws2_32

socket
bind
setsockopt
inet_addr
gethostbyname
htons
WSAStartup
gethostname
select
recvfrom
WSACleanup
gethostbyaddr
htonl
sendto
inet_ntoa

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE