isoinfo[.]exe | Triage

General

Target

isoinfo.exe
Size

286KB
MD5

fc1d9b7a02dbfe794b13f6d7a385460c
SHA1

8d941d705c4126fcb80854292a40e36c786364e2
SHA256

67e76829e1c341605e6c74a18133b4a516554f87b041af8439807341d299dfee
SHA512

982dc3327fa3fb135926e64672b6ce711bfa072ad84b2136f2267f603e3b2459d2552218d87387579c5c709cdb1d9d8c32157784c6f1bac1951ff3d06bde0651
SSDEEP

3072:pe7ZIdr0wwv/+/2g8ZU/A1Hl8uMWVUbPH8u7uRM859uBi3:p6dju/2gTMl8uMWVUbrugBS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
isoinfo.exe

Files

isoinfo.exe
.exe windows:4 windows x86

1d7ee7513a5c2ccca8b9b7cc937bc26b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__isinfd
__isnand
__main
_ctype_
_exit
_fdopen64
_fopen64
_fseeko64
_geteuid32
_getpwuid32
_getuid32
_impure_ptr
_lseek64
_open64
_setreuid32
_setuid32
abort
atexit
atoi
calloc
close
cygwin_internal
dlclose
dll_crt0__FP11per_process
dlopen
dlsym
dup2
ecvt
execlp
exit
fclose
fcvt
fflush
fgets
fileno
fork
fputc
free
fwrite
gcvt
getc
getenv
getpwnam
getservbyname
gettimeofday
malloc
memcpy
memmove
memset
perror
putc
putchar
puts
rcmd
read
realloc
rewind
setbuf
setmode
setsockopt
signal
sleep
socketpair
sscanf
strcat
strchr
strcmp
strcpy
strdup
strerror
strncat
strncmp
strncpy
strrchr
strstr
usleep
valloc
wait
write

kernel32

CloseHandle
CreateEventA
CreateFileA
DeviceIoControl
GetDriveTypeA
GetLastError
GetModuleHandleA
GetVersionExA
ResetEvent
WaitForSingleObject

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d7ee7513a5c2ccca8b9b7cc937bc26b

Headers

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 79KB - Virtual size: 79KB

.data Size: 111KB - Virtual size: 110KB

.rdata Size: 35KB - Virtual size: 35KB

.bss Size: - Virtual size: 7KB

.idata Size: 3KB - Virtual size: 2KB

.text
Size: 79KB - Virtual size: 79KB

.data
Size: 111KB - Virtual size: 110KB

.rdata
Size: 35KB - Virtual size: 35KB

.bss
Size: - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 2KB