5f30d866e04e1852f794348bffe2199a0de182dfca5606bd56e122af37802753N

General

Target

5f30d866e04e1852f794348bffe2199a0de182dfca5606bd56e122af37802753N
Size

44KB
MD5

24f223ab4adf2aeafb902137da92d810
SHA1

ed85bcb3a36fbf6affa8df10fdb8004899a273a5
SHA256

5f30d866e04e1852f794348bffe2199a0de182dfca5606bd56e122af37802753
SHA512

85dbc8207373566f63345396fa3422765293faa85ecbb509f91313e5afefbff2d19c6cc57f278ad99560dd3eef88c685a7cb6fa75fb0ef3ae4f0a7b924eeeb06
SSDEEP

768:J0N/4t6/cmw7S3J6KUJQUpQZcKO94VF0Jeb99aODWMK39ZF0WwF0cXK+f:mNAt6oixUXMqSl59bDY3HF0drK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f30d866e04e1852f794348bffe2199a0de182dfca5606bd56e122af37802753N

Files

5f30d866e04e1852f794348bffe2199a0de182dfca5606bd56e122af37802753N
.exe windows:6 windows x86 arch:x86

893547291cdd400530b7b8068afd1bc0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

tftp.pdb

Imports

kernel32

FormatMessageA
MoveFileA
DeleteFileA
SetThreadUILanguage
HeapSetInformation
LocalFree
IsDBCSLeadByteEx
GetLastError
GetLocalTime
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcrt

_iob
_fileno
_dup
_fdopen
fopen
putc
_unlink
fclose
_open
_write
_close
_errno
memcpy
_controlfp
_except_handler4_common
atol
_strnicmp
_stricmp
_access
free
strcpy_s
malloc
isprint
fputs
fprintf
strncpy_s
_itoa
memset
atoi
_ftol2_sse
_CIpow
strcat_s
calloc
sprintf_s
_vsnprintf
_setmode
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_XcptFilter
_exit
_cexit
__getmainargs
exit
time
getc
ferror
_read
_stat

ws2_32

sendto
closesocket
select
getsockname
getservbyname
getnameinfo
htons
ntohs
bind
socket
recvfrom
WSAStartup
WSAGetLastError
getaddrinfo
freeaddrinfo

user32

CharToOemBuffA
CharNextExA

mswsock

s_perror

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

893547291cdd400530b7b8068afd1bc0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

ws2_32

user32

mswsock

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 28KB - Virtual size: 29KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 28KB - Virtual size: 29KB