af682e5aa628a733c21976e3ed496ab6d07c55913466d5dfd8822a98122ca118

Sharing

Copy URL Twitter E-mail

General

Target

af682e5aa628a733c21976e3ed496ab6d07c55913466d5dfd8822a98122ca118
Size

15.2MB
MD5

fc982827bf939b7df889216db8eb0dab
SHA1

cc90aa9f73d30de7c58575a01a9089c6db5686cd
SHA256

af682e5aa628a733c21976e3ed496ab6d07c55913466d5dfd8822a98122ca118
SHA512

4195a43e7d5b7cfca1560639811720b1684c763df08e0f50b808e4ccec3d6da5863b6d9cadfa9d7df57773c083a4fd442132a2c3974b7bd6f447484d243678cb
SSDEEP

196608:7ZjT5P59/yBhLPo9u+wUgSOoJF8fB2pYQG6jRtKCb:98MYYtKCb

Score

N/A

Malware Config

Signatures

Files

af682e5aa628a733c21976e3ed496ab6d07c55913466d5dfd8822a98122ca118
.exe windows x86

d09ae4f45f420c3a3898271c9e1a97e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert_func
__ctype_ptr__
__errno
__getreent
__res_init
_dll_crt0@0
_exit
_fchown32
_fcntl64
_fdopen64
_fopen64
_fstat64
_ftello64
_getegid32
_geteuid32
_getgrgid32
_getpwuid32
_getuid32
_impure_ptr
_longjmp
_lseek64
_lstat64
_mmap64
_open64
_setjmp
_stat64
_tzname
accept
access
acos
alarm
asctime
asin
atan
atan2
atof
atoi
bcopy
bind
ceil
cfmakeraw
cfsetispeed
cfsetospeed
chdir
chmod
close
closedir
connect
cos
creat
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
dup
dup2
endutent
euidaccess
execlp
execvp
exit
exp
fchmod
fclose
fflush
fgets
fileno
floor
fmod
fork
fpathconf
fprintf
fputc
fputs
fread
freeaddrinfo
fsync
fwrite
gai_strerror
getaddrinfo
getc
getcwd
getenv
gethostname
getpagesize
getpeername
getpgrp
getpid
getpwnam
getrlimit
getrusage
getservbyname
getsockname
getsockopt
gettimeofday
getutent
getutid
gmtime
index
ioctl
isatty
kill
link
listen
localtime
log
log10
logb
longjmp
mbrlen
mbsinit
memcpy
memmove
memset
mkdir
mkstemp
mktime
munmap
nl_langinfo
opendir
openpty
pipe
pow
printf
putc
putenv
puts
qsort
random
read
readdir
readlink
recvfrom
rename
rindex
rint
rmdir
sbrk
select
sendto
setitimer
setjmp
setlocale
setpgid
setrlimit
setsid
setsockopt
setutent
setvbuf
shutdown
sigaction
sigaddset
sigemptyset
sigfillset
sigprocmask
sigsuspend
sin
sleep
snprintf
socket
sprintf
sqrt
srandom
sscanf
strcasecmp
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strsignal
strstr
strtod
strtol
symlink
sync
tcdrain
tcflow
tcflush
tcgetattr
tcgetpgrp
tcsetattr
tcsetpgrp
time
tolower
toupper
tzset
umask
uname
ungetc
unlink
unsetenv
utimes
utmpname
vfprintf
wait3
write

cygdbus-1-3

dbus_bus_add_match
dbus_bus_get
dbus_bus_get_unique_name
dbus_bus_request_name
dbus_connection_flush
dbus_connection_get_dispatch_status
dbus_connection_pop_message
dbus_connection_read_write
dbus_connection_send
dbus_connection_send_with_reply
dbus_connection_send_with_reply_and_block
dbus_connection_set_watch_functions
dbus_error_free
dbus_error_init
dbus_error_is_set
dbus_message_get_interface
dbus_message_get_member
dbus_message_get_path
dbus_message_get_reply_serial
dbus_message_get_sender
dbus_message_get_serial
dbus_message_get_type
dbus_message_iter_append_basic
dbus_message_iter_close_container
dbus_message_iter_get_arg_type
dbus_message_iter_get_basic
dbus_message_iter_init
dbus_message_iter_init_append
dbus_message_iter_next
dbus_message_iter_open_container
dbus_message_iter_recurse
dbus_message_new
dbus_message_new_method_call
dbus_message_new_signal
dbus_message_set_destination
dbus_message_set_error_name
dbus_message_set_reply_serial
dbus_message_unref
dbus_watch_get_flags
dbus_watch_get_socket
dbus_watch_get_unix_fd

cyggcc_s-1

__deregister_frame_info
__divdi3
__register_frame_info

cygncursesw-10

tgetent
tgetflag
tgetnum
tgetstr
tgoto
tparm
tputs

kernel32

GetModuleHandleA
GetProcAddress

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 12.2MB - Virtual size: 12.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d09ae4f45f420c3a3898271c9e1a97e7

Headers

DLL Characteristics

File Characteristics

Imports

cygwin1

cygdbus-1-3

cyggcc_s-1

cygncursesw-10

kernel32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 512B - Virtual size: 24B

/4 Size: 512B - Virtual size: 4B

.bss Size: 12.2MB - Virtual size: 12.2MB

.idata Size: 75KB - Virtual size: 76KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 512B - Virtual size: 24B

/4
Size: 512B - Virtual size: 4B

.bss
Size: 12.2MB - Virtual size: 12.2MB

.idata
Size: 75KB - Virtual size: 76KB