Static task
static1
Behavioral task
behavioral1
Sample
Malicious_b8d0cc4d2ed91357e3e9b1d86b84183adc69294ee02e3885859a1370a2270c3f.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
Malicious_b8d0cc4d2ed91357e3e9b1d86b84183adc69294ee02e3885859a1370a2270c3f.exe
Resource
win10v2004-20230621-en
General
-
Target
Malicious_b8d0cc4d2ed91357e3e9b1d86b84183adc69294ee02e3885859a1370a2270c3f.exe
-
Size
81KB
-
MD5
f34857fc27d5e2686c788965d1241aa4
-
SHA1
7a06d2137b5f45b8d9c61b8e66d91c112fac3441
-
SHA256
b8d0cc4d2ed91357e3e9b1d86b84183adc69294ee02e3885859a1370a2270c3f
-
SHA512
ab13cb437fcad26ada94e80d81fcbc744351ae6163fc686abcfc3316ab10f766843d46e06f24ac9a9a321591e841ab5949a011c6b8ef3752d3641755a7f99254
-
SSDEEP
1536:PRDytZNaLUH4OmR/N7Xn3oC6SHQs8QNITWhK8nVh2G:ZDyVwxOmR/N7X3LwUIKw8nVh2G
Malware Config
Signatures
-
Unsigned PE 1 IoCs
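Checks for a missing Authenticode signature; the sample PE is unsigned. An absent signature is a weak indicator on its own, since much legitimate software is also unsigned, so weigh it together with the import table and the behavioral results.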
resource Malicious_b8d0cc4d2ed91357e3e9b1d86b84183adc69294ee02e3885859a1370a2270c3f.exe
Files
-
Malicious_b8d0cc4d2ed91357e3e9b1d86b84183adc69294ee02e3885859a1370a2270c3f.exe.exe windows x64
9dd4b2df39024e8764fc1b5a6be065ab
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
cygwin1
__assert_func
__cxa_atexit
__errno
__getreent
__locale_ctype_ptr
__locale_mb_cur_max
__main
_dll_crt0
_exit
_impure_ptr
abort
access
calloc
chdir
chmod
chown
close
closedir
cygwin_detach_dll
cygwin_internal
dirfd
dll_dllcrt0
endgrent
error
exit
fchdir
fchown
fclose
fcntl
fdopendir
fprintf
fputs_unlocked
free
fstat
fstatat
fwrite
getcwd
getenv
getgrgid
getgrnam
getopt_long
getpwuid
getrlimit
iswprint
lchown
lstat
malloc
mbrtowc
mbsinit
memchr
memcmp
memcpy
memmove
memrchr
memset
nl_langinfo
open
openat
optarg
optind
posix_memalign
printf
program_invocation_name
program_invocation_short_name
qsort
readdir
realloc
setlocale
sprintf
stat
stpcpy
strchr
strcmp
strcpy
strdup
strlen
strncmp
strrchr
strspn
strtoul
cygintl-8
libintl_bindtextdomain
libintl_gettext
libintl_setlocale
libintl_textdomain
kernel32
GetACP
GetModuleHandleA
GetModuleHandleW
GetProcAddress
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 232B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.buildid Size: 512B - Virtual size: 53B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 928B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
/4 Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ