test1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

test1.exe
Size

203KB
MD5

e939e71d2493e3c2b961b86eb5aae7d6
SHA1

66f826a0b49cc70c9adc465d51125f9c4d1d1ec7
SHA256

b8975e736b776197512c306506e051954cda5a968ce2967aff1886bcbd43b6b2
SHA512

d657b34bd39cc45a3b83be432cfc71ee2cf9c275f0a75eae0e95ce6aa9a0eec9c757d6afbb8d7e8a7ffdc435a080c236fd3510cbe17464d3769e0f9190908d0b
SSDEEP

3072:jtvfdrJRZdLJjeuZXSPR713hYntojFtFbesSs+aK:1fdrfNbw13hYntoJtFbesSs+aK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
test1.exe

Files

test1.exe
.exe windows x64

c9aa8a7524259d7b3ae6e328e158cd3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libgcc_s_seh-1

_Unwind_Resume

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__C_specific_handler
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
getenv
malloc
memcpy
signal
strlen
strncmp
vfprintf

libstdc++-6

_ZNKSt10filesystem7__cxx1128recursive_directory_iteratordeEv
_ZNKSt10filesystem7__cxx114path5_List13_Impl_deleterclEPNS2_5_ImplE
_ZNKSt25__codecvt_utf8_utf16_baseIwE10do_unshiftERiPcS2_RS2_
_ZNKSt25__codecvt_utf8_utf16_baseIwE11do_encodingEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE13do_max_lengthEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE16do_always_noconvEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE5do_inERiPKcS3_RS3_PwS5_RS5_
_ZNKSt25__codecvt_utf8_utf16_baseIwE6do_outERiPKwS3_RS3_PcS5_RS5_
_ZNKSt25__codecvt_utf8_utf16_baseIwE9do_lengthERiPKcS3_y
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE3endEv
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4sizeEv
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE5beginEv
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7_M_dataEv
_ZNKSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE4sizeEv
_ZNKSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEcvSt17basic_string_viewIwS2_EEv
_ZNKSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEE3strEv
_ZNSolsEPFRSoS_E
_ZNSt10filesystem6statusERKNS_7__cxx114pathE
_ZNSt10filesystem7__cxx1116filesystem_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESt10error_code
_ZNSt10filesystem7__cxx1116filesystem_errorD1Ev
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorC1ERKNS0_4pathENS_17directory_optionsEPSt10error_code
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorD1Ev
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorppEv
_ZNSt10filesystem7__cxx114path14_M_split_cmptsEv
_ZNSt10filesystem7__cxx114path5_ListC1Ev
_ZNSt10filesystem9copy_fileERKNS_7__cxx114pathES3_NS_12copy_optionsE
_ZNSt12__shared_ptrINSt10filesystem7__cxx1128recursive_directory_iterator10_Dir_stackELN9__gnu_cxx12_Lock_policyE2EEC1EOS6_
_ZNSt12__shared_ptrINSt10filesystem7__cxx1128recursive_directory_iterator10_Dir_stackELN9__gnu_cxx12_Lock_policyE2EEC1Ev
_ZNSt25__codecvt_utf8_utf16_baseIwED2Ev
_ZNSt3_V216generic_categoryEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_disposeEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE11_M_capacityEy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_Alloc_hiderC1EPcRKS3_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE13_M_local_dataEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE13_M_set_lengthEy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE13_S_copy_charsEPcPKcS7_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4backEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE5clearEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE5frontEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6resizeEy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7_M_dataEPc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERyy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEC1EOS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEC1ERKS3_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEED1Ev
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE4backEv
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE5clearEv
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE5frontEv
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE6resizeEy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEC1EOS4_
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEC1Ev
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEED1Ev
_ZNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEEC1Ev
_ZNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt7codecvtIwciEC2Ey
_ZSt19__throw_logic_errorPKc
_ZSt4cout
_ZSt4endlIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_c
_ZStlsIcSt11char_traitsIcESaIcEERSt13basic_ostreamIT_T0_ES7_RKNSt7__cxx1112basic_stringIS4_S5_T1_EE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVSt25__codecvt_utf8_utf16_baseIwE
_ZdlPvy
__cxa_allocate_exception
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_throw
__gxx_personality_seh0

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 861B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 512B - Virtual size: 405B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9aa8a7524259d7b3ae6e328e158cd3e

Headers

DLL Characteristics

File Characteristics

Imports

libgcc_s_seh-1

kernel32

msvcrt

libstdc++-6

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 144B

.rdata Size: 4KB - Virtual size: 3KB

.pdata Size: 2KB - Virtual size: 1KB

.xdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 480B

.idata Size: 7KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 236B

/4 Size: 1KB - Virtual size: 1KB

/19 Size: 43KB - Virtual size: 42KB

/31 Size: 7KB - Virtual size: 7KB

/45 Size: 7KB - Virtual size: 7KB

/57 Size: 2KB - Virtual size: 2KB

/70 Size: 1024B - Virtual size: 861B

/81 Size: 8KB - Virtual size: 7KB

/97 Size: 4KB - Virtual size: 4KB

/113 Size: 512B - Virtual size: 405B

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 144B

.rdata
Size: 4KB - Virtual size: 3KB

.pdata
Size: 2KB - Virtual size: 1KB

.xdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 480B

.idata
Size: 7KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 236B

/4
Size: 1KB - Virtual size: 1KB

/19
Size: 43KB - Virtual size: 42KB

/31
Size: 7KB - Virtual size: 7KB

/45
Size: 7KB - Virtual size: 7KB

/57
Size: 2KB - Virtual size: 2KB

/70
Size: 1024B - Virtual size: 861B

/81
Size: 8KB - Virtual size: 7KB

/97
Size: 4KB - Virtual size: 4KB

/113
Size: 512B - Virtual size: 405B