bd1eca7a47cebf0d5e00eab0c8b026cb6d4f1b425e747638ccb8cf7b9c43c81fN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd1eca7a47cebf0d5e00eab0c8b026cb6d4f1b425e747638ccb8cf7b9c43c81fN
Size

712KB
MD5

21476eeb331025b18cab4734b7345910
SHA1

6c27c53270038fd9fe770b34d8b3b726794edaea
SHA256

bd1eca7a47cebf0d5e00eab0c8b026cb6d4f1b425e747638ccb8cf7b9c43c81f
SHA512

cc0a2f6c7f0d8e21c6176465467d0ea7aa13a84a9c8d0ff226205e21d35c08b7d4748442e6deca458b11de35a0f47920783ed0f54df2a3a783734854628e8ee2
SSDEEP

12288:lELeAd67G0ggJYdOz8qyeLcurU4UeCrCQjyebUKIy7GuJWtY6ftPwOsF:lELeAdmZg4YdOYq/4urTOrZ15IXuUHzc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd1eca7a47cebf0d5e00eab0c8b026cb6d4f1b425e747638ccb8cf7b9c43c81fN

Files

bd1eca7a47cebf0d5e00eab0c8b026cb6d4f1b425e747638ccb8cf7b9c43c81fN
.exe windows:4 windows x86 arch:x86

c825d892ec1994311831ac7bb64ddf1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSAGetLastError
recv
socket
connect
send
closesocket

kernel32

Sleep
LoadLibraryA
GetProcAddress
TerminateThread
lstrlenA
MultiByteToWideChar
ExitProcess

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE