john-sse2[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

john-sse2.exe
Size

6.7MB
MD5

c93ff72c6fc4c6fa529ff2fe269e2535
SHA1

6c393e3e18dfc1bf3244a352340809569ff63c01
SHA256

d04dfa0507c28d0b27f1e60b0a07a3ffdcb58278a85744729a37557cc1b2ad85
SHA512

5207ac0716a998cb8b1f7b607b62f0357e9c1c7a57fa2d31f640a7833cd0230584f22fa00680243bdfacb7f85ae40df50cfec54c616e271bd238886ca0e1bc9d
SSDEEP

49152:4BWiSuVtsfHbsKT8V6tUiiiiMCy6MUmaBf/PlJyvSxNttu7UfrZZIFy9s1Y5i7T3:wWiDm7PmUF6nf/a8dZm/3mRk7

Score

1^/10

Malware Config

Signatures

Files

john-sse2.exe
.exe windows x64

240e335f31ef2bc57b30cac280934f7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygbz2-1

BZ2_bzDecompress
BZ2_bzDecompressEnd
BZ2_bzDecompressInit

cygcrypt-2

crypt

cygcrypto-1.1

AES_cbc_encrypt
AES_cfb128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_set_decrypt_key
AES_set_encrypt_key
BF_cbc_encrypt
BF_cfb64_encrypt
BF_ecb_encrypt
BF_set_key
BN_CTX_free
BN_CTX_new
BN_bin2bn
BN_bn2bin
BN_bn2hex
BN_cmp
BN_div
BN_free
BN_hex2bn
BN_mod_exp
BN_mul
BN_new
CAST_cfb64_encrypt
CAST_ecb_encrypt
CAST_set_key
CMAC_CTX_free
CMAC_CTX_new
CMAC_Final
CMAC_Init
CMAC_Update
CRYPTO_free
Camellia_cfb128_encrypt
Camellia_set_key
DES_cbc_cksum
DES_cbc_encrypt
DES_crypt
DES_ecb_encrypt
DES_ede3_cbc_encrypt
DES_ede3_cfb64_encrypt
DES_encrypt1
DES_key_sched
DES_ncbc_encrypt
DES_pcbc_encrypt
DES_set_key
DES_set_key_unchecked
DES_set_odd_parity
DES_string_to_key
DSA_free
DSA_get0_key
DSA_get0_pqg
DSA_new
DSA_set0_key
DSA_set0_pqg
EVP_aes_128_cbc
MD4_Final
MD4_Init
MD4_Update
MD5_Final
MD5_Init
MD5_Update
RC2_cbc_encrypt
RC2_set_key
RIPEMD160_Final
RIPEMD160_Init
RIPEMD160_Update
SHA1
SHA1_Final
SHA1_Init
SHA1_Update
SHA224_Final
SHA224_Init
SHA224_Update
SHA256_Final
SHA256_Init
SHA256_Update
SHA384_Final
SHA384_Init
SHA384_Update
SHA512_Final
SHA512_Init
SHA512_Update
WHIRLPOOL_Final
WHIRLPOOL_Init
WHIRLPOOL_Update

cygwin1

__assert_func
__cxa_atexit
__errno
__getreent
__locale_ctype_ptr
__main
_dll_crt0
_exit
_impure_ptr
abort
asctime
atoi
atol
atoll
calloc
chmod
clock
close
closedir
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
dlopen
dlsym
execv
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fileno
fopen
fork
fprintf
fputc
fputs
fread
free
freopen
fscanf
fseek
fstat
fsync
ftell
ftruncate
fwrite
getc
getchar
getenv
getopt
getpid
getppid
gettimeofday
gmtime
isatty
kill
localtime
log
lseek
malloc
memchr
memcmp
memcpy
memmem
memmove
memset
mmap
munmap
nice
open
opendir
optarg
optind
perror
posix_memalign
pow
printf
putchar
puts
qsort
raise
rand
read
readdir
realloc
rewind
sched_yield
setenv
setlocale
setvbuf
sigaction
signal
sleep
snprintf
sprintf
srand
sscanf
stat
stpcpy
strcasecmp
strcasestr
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strftime
strlen
strlwr
strncasecmp
strncat
strncmp
strncpy
strnlen
strpbrk
strrchr
strspn
strstr
strtok
strtol
strtoul
strupr
sysconf
tcgetattr
tcgetpgrp
tcsetattr
time
times
tolower
toupper
umask
ungetc
unlink
vfprintf
vsnprintf
vsprintf
wait
write

cyggmp-10

__gmp_version
__gmpz_clear
__gmpz_get_str
__gmpz_init
__gmpz_init_set_str
__gmpz_mul_2exp
__gmpz_powm
__gmpz_set_str

cygopencl-1

clBuildProgram
clCreateBuffer
clCreateCommandQueue
clCreateContext
clCreateKernel
clCreateProgramWithBinary
clCreateProgramWithSource
clEnqueueMapBuffer
clEnqueueNDRangeKernel
clEnqueueReadBuffer
clEnqueueUnmapMemObject
clEnqueueWriteBuffer
clFinish
clFlush
clGetDeviceIDs
clGetDeviceInfo
clGetEventInfo
clGetEventProfilingInfo
clGetKernelInfo
clGetKernelWorkGroupInfo
clGetMemObjectInfo
clGetPlatformIDs
clGetPlatformInfo
clGetProgramBuildInfo
clGetProgramInfo
clReleaseCommandQueue
clReleaseContext
clReleaseEvent
clReleaseKernel
clReleaseMemObject
clReleaseProgram
clSetKernelArg
clWaitForEvents

cygz

inflate
inflateEnd
inflateInit2_
inflateInit_

cyggcc_s-seh-1

__floatuntidf
__udivmodti4
__udivti3
__umodti3

cyggomp-1

GOMP_barrier
GOMP_critical_end
GOMP_critical_start
GOMP_parallel
GOMP_sections_end
GOMP_sections_next
GOMP_sections_start
GOMP_single_start
omp_get_max_threads
omp_get_num_threads
omp_get_thread_num
omp_set_num_threads

kernel32

CloseHandle
CreateMutexA
GetModuleHandleA
GetModuleHandleW
MapViewOfFile
OpenFileMappingA
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseMutex
SetConsoleCtrlHandler
Sleep
UnmapViewOfFile
WaitForSingleObject

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 643KB - Virtual size: 643KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

240e335f31ef2bc57b30cac280934f7c

Headers

DLL Characteristics

File Characteristics

Imports

cygbz2-1

cygcrypt-2

cygcrypto-1.1

cygwin1

cyggmp-10

cygopencl-1

cygz

cyggcc_s-seh-1

cyggomp-1

kernel32

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

.data Size: 643KB - Virtual size: 643KB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.buildid Size: 512B - Virtual size: 53B

.pdata Size: 108KB - Virtual size: 108KB

.xdata Size: 128KB - Virtual size: 127KB

.bss Size: - Virtual size: 20.2MB

.idata Size: 11KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 4.1MB - Virtual size: 4.1MB

.data
Size: 643KB - Virtual size: 643KB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 108KB - Virtual size: 108KB

.xdata
Size: 128KB - Virtual size: 127KB

.bss
Size: - Virtual size: 20.2MB

.idata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB