42a03ac818cba4557036afb4037c1e806c00aceee983213aca9d21df58a36bc6N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42a03ac818cba4557036afb4037c1e806c00aceee983213aca9d21df58a36bc6N
Size

55KB
MD5

fe415693386acdfd449bc3827c445e90
SHA1

afb2efd1bc197115366e2750cc1865a9b5e79f51
SHA256

42a03ac818cba4557036afb4037c1e806c00aceee983213aca9d21df58a36bc6
SHA512

96b55e4b6eb88eb0d6fd835d39e256d0030b1d7aa534d019db26177f3eb08e28ea1b4aa81aaae3e7386b828393f8e7fc0cb61bed3b1ab8b7ccd5f423e2574cbc
SSDEEP

768:dVTxYrNGFeTNDNh7/LXV8GI4iEyPwq8eTXFMmOUwljp2JOdNrRrXW:7TmkqBf77VyR4qHjpHIp2JO1XW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a03ac818cba4557036afb4037c1e806c00aceee983213aca9d21df58a36bc6N

Files

42a03ac818cba4557036afb4037c1e806c00aceee983213aca9d21df58a36bc6N
.exe windows:1 windows x86 arch:x86

a2edf87e08e34061036c2d479283fb3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

user32

MessageBoxA

ws2_32

ntohs
WSACleanup
inet_addr
htons
closesocket
setsockopt
sendto
WSAStartup
WSASocketA
WSAGetLastError

crtdll

_iob
_itoa
__GetMainArgs
_strnicmp
abort
exit
fputc
fwrite
localeconv
memcpy
memmove
memset
pow
raise
signal
strcat
strchr
strncmp
strtol
wcslen
wctomb

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 608B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE