13353041f6ca94e164f0e8bd51def998bec406b89ec5346e3deb8fc0a5197b5cN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13353041f6ca94e164f0e8bd51def998bec406b89ec5346e3deb8fc0a5197b5cN
Size

1.9MB
MD5

10fab7aa4a639f5ab26dc537c16375c0
SHA1

322853b60c1bc313b31e910607e56ad973c4535f
SHA256

13353041f6ca94e164f0e8bd51def998bec406b89ec5346e3deb8fc0a5197b5c
SHA512

977ffecdc121e81222698ba7fbf4e8b0a9011dafbadc7c6ce1b8d06c8685422e84f539c3c59352e1f8e368e268ba79ec4d78c448daaa0f89e32afb20a5d83f01
SSDEEP

24576:luHcSjySebnZgqJAj9uhRKFiIhDbHpjyAwI+w3mqvYHpFxHv8s54YvYrjXB:lkP+BZnrhEkIDjP5B2qvypX0sZveXB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13353041f6ca94e164f0e8bd51def998bec406b89ec5346e3deb8fc0a5197b5cN

Files

13353041f6ca94e164f0e8bd51def998bec406b89ec5346e3deb8fc0a5197b5cN
.exe windows:4 windows x86 arch:x86

c825d892ec1994311831ac7bb64ddf1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSAGetLastError
recv
socket
connect
send
closesocket

kernel32

Sleep
LoadLibraryA
GetProcAddress
TerminateThread
lstrlenA
MultiByteToWideChar
ExitProcess

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE