iperf[.]exe | Triage

General

Target

iperf.exe
Size

107KB
MD5

327ef6ec0ae9c963a2a2eb260c082c20
SHA1

a9ee0961cce747f18f3ea4cd99c1bf872a67546b
SHA256

6023cc10a800d3996e02fc7d8b3ef988efd37a7021858ecf63770106254a21b7
SHA512

ee0332d76c7e199b872781b0adec63480bfc8ef5717de0ebea7a3320191ce3f928116abf6a0c0fe1f27b55b2e65f9dc83fa5dd7d8c8f32cfa2aa05f55a107263
SSDEEP

3072:7AzGEPJrhX7KQETVBEPAVh7p6Pr1fvIKEdTzuhOChC38usHfJY6En6T2TSCOCOdV:UzvPJfETVBEPAVh7p6Pr1fvIKEdTzuhP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
iperf.exe

Files

iperf.exe
.exe windows x86

b1033219915ed41dad7b3f945c2e99c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert
__errno
__getreent
__main
_ctype_
_fopen64
_impure_ptr
abort
accept
atexit
atof
atoi
bind
calloc
chdir
close
connect
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fflush
fork
fprintf
fread
free
fwrite
getenv
gethostbyname
getpeername
getpid
getsockname
getsockopt
gettimeofday
h_errno
inet_ntop
inet_pton
listen
localtime
malloc
memcpy
memset
printf
pthread_atfork
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_wait
pthread_create
pthread_detach
pthread_exit
pthread_getspecific
pthread_key_create
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_self
pthread_setspecific
putchar
read
realloc
recv
recvfrom
select
send
sendto
setsid
setsockopt
sigaction
sigemptyset
signal
snprintf
socket
sscanf
strcmp
strcpy
strerror
strftime
strlen
strncmp
strtol
time
usleep
write

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetModuleHandleA

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1033219915ed41dad7b3f945c2e99c0

Headers

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 50KB - Virtual size: 49KB

.data Size: 512B - Virtual size: 144B

.rdata Size: 11KB - Virtual size: 11KB

.bss Size: - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 50KB - Virtual size: 49KB

.data
Size: 512B - Virtual size: 144B

.rdata
Size: 11KB - Virtual size: 11KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 2KB