Static task
static1
Behavioral task
behavioral1
Sample
easy_Benign_ffc05068490606593c08ffafbfa9a34481477664c1688ed74e19318e5a5fadef.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
easy_Benign_ffc05068490606593c08ffafbfa9a34481477664c1688ed74e19318e5a5fadef.exe
Resource
win10v2004-20230703-en
General
-
Target
easy_Benign_ffc05068490606593c08ffafbfa9a34481477664c1688ed74e19318e5a5fadef.exe
-
Size
21KB
-
MD5
174cad7fb92a5df6f8871cc6894c9297
-
SHA1
6c74e62a36922239fe9d3346e8492baa010bd55d
-
SHA256
ffc05068490606593c08ffafbfa9a34481477664c1688ed74e19318e5a5fadef
-
SHA512
60c83bf318417d8798b9797c2351821ceeeb4aab7b99473f2ab57ecefa65aa03eb3938bf88ccb250befbffbcb6ce26792bf048354d3bf9cbe83a9e541fd48fae
-
SSDEEP
384:WPFTC8Re45m5FxO04f2+TpYb0VGz827zge9PJ6tgENZ0rrIO82ppWMTA6vt:0FTZF5m5N9upYb0VGieSwQkH
Malware Config
Signatures
-
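Unsigned PE (1 IoC)
Flags a PE file that has no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries ship unsigned; weigh it together with the import table and the behavioral task results.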
resource easy_Benign_ffc05068490606593c08ffafbfa9a34481477664c1688ed74e19318e5a5fadef.exe
Files
-
easy_Benign_ffc05068490606593c08ffafbfa9a34481477664c1688ed74e19318e5a5fadef.exe.exe windows x86
4f14e937e2656085ed6ecf7d09d3c9bc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
libisc
isc__buffer_init
isc__buffer_add
isc_log_create
isc_log_registercategories
isc_log_setcontext
isc_log_createchannel
isc_log_usechannel
isc_net_ntop
isc_symtab_lookup
isc_symtab_create
isc_stdio_open
isc_entropy_detach
isc_hash_destroy
isc__mem_strdup
isc_commandline_argument
isc_commandline_parse
isc_commandline_errprint
isc_assertion_failed
isc__mem_free
isc_symtab_define
isc_stdio_close
isc_dir_chroot
isc_result_totext
isc_dir_chdir
isc_commandline_option
isc_commandline_index
isc_mem_create
isc_error_runtimecheck
isc_entropy_create
isc_hash_create
isc_log_destroy
isc_mem_destroy
libisccfg
cfg_log_init
libdns
dns_rootname
dns_name_fromtext
dns_zone_setorigin
dns_zone_setdbtype
dns_zone_setfile2
dns_rdataclass_fromtext
dns_zone_setclass
dns_zone_setoption
dns_zone_setcheckmx
dns_zone_dumptostream2
dns_zone_setchecksrv
dns_zone_load
dns_log_init
dns_log_setcontext
dns_rdataset_isassociated
dns_name_format
dns_name_countlabels
dns_zone_log
dns_rdataset_first
dns_rdataset_current
dns_rdata_reset
dns_rdataset_next
dns_master_style_full
dns_master_style_default
dns_result_register
dns_zone_detach
dns_name_destroy
dns_zone_create
dns_zone_settype
dns_name_init
dns_zone_setcheckns
dns_name_setbuffer
kernel32
LoadLibraryA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemDirectoryA
IsDebuggerPresent
GetProcAddress
FreeLibrary
FormatMessageA
msvcr80
strncmp
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
strcat_s
sprintf_s
strchr
strtoul
memset
strncpy_s
free
calloc
strcpy_s
strrchr
_stricmp
printf
fflush
__iob_func
fprintf
exit
ws2_32
WSAGetLastError
gethostbyname
inet_ntoa
inet_addr
htonl
WSASetLastError
ntohs
getservbyport
gethostbyaddr
htons
getservbyname
Sections
.text Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 432B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ