428b47caf74ce986bc3688262355d5b7[.]7z

General

Target

428b47caf74ce986bc3688262355d5b7.7z
Size

13KB
MD5

a4bc0a17ca9aa6bc222dd0e2e70d7d15
SHA1

5966aacc09e36a212afbe21b0455285423bb6eab
SHA256

413113b382dd15592db938f351d41a2a15ac6fcebf81030b6daef2822f6158fb
SHA512

8ff5045110876eb71cc23991544b8d5bcb5ed35a99b332fcb665fb36d16af7e424c40b864fc4b0577efcfa60ca4fdfd375896762ad8b81dc838cb6c396a3e369
SSDEEP

384:+wgl9gGoNAXy3mdf1ArFaxzt0EwMqOp5wKDNQzzAVZuKm:+wgl9gFNFyfOrgqMqOJN3V+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/428b47caf74ce986bc3688262355d5b7

Files

428b47caf74ce986bc3688262355d5b7.7z
.7z

Password: infected
428b47caf74ce986bc3688262355d5b7
.exe windows:4 windows x86

d44d52ad6e3aff244abe8f509b16d124

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__main
_dll_crt0@0
_fopen64
_impure_ptr
_open64
alarm
atoi
atol
calloc
close
connect
creat
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
dup2
execl
exit
fclose
fgets
fork
fprintf
free
gethostbyname
getpid
gettimeofday
grantpt
ioctl
localtime
malloc
memcpy
perror
ptsname
putenv
read
realloc
recv
select
send
setsid
shutdown
sleep
socket
sprintf
sscanf
strcmp
strdup
strftime
strncpy
strtok
time
unlockpt
waitpid
write

kernel32

GetModuleHandleA
GetProcAddress

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 73KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

d44d52ad6e3aff244abe8f509b16d124

Headers

DLL Characteristics

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 11KB - Virtual size: 10KB

/4 Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 73KB

.idata Size: 1KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 11KB - Virtual size: 10KB

/4
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 73KB

.idata
Size: 1KB - Virtual size: 1KB