321d42fd741daa7c0c5b2dc073a7ecfd

General

Target

321d42fd741daa7c0c5b2dc073a7ecfd
Size

145KB
MD5

321d42fd741daa7c0c5b2dc073a7ecfd
SHA1

e60c0a6a76fcd5807b3c4d1beafac09d6a50d6d6
SHA256

e165bed32af088db69f3735c7264955be3645428b13ec7ae223c51ca9cb81a13
SHA512

8c56abe4b2067059eeb66c57fc52e931f229c312592351c1274242c779d52dd3a8e465b3ebff34d73cf1009d8cfe87352636b7a83bd32334814eee101c5530a7
SSDEEP

3072:YEfDN9N+UMoNqhdfT1eurSXuuWVjBufHzZuLXoTOiQPlWa7szmH15:YEbLN0heuEq0/ULSQP8dmHP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
321d42fd741daa7c0c5b2dc073a7ecfd

Files

321d42fd741daa7c0c5b2dc073a7ecfd
.exe windows:4 windows x86 arch:x86

822ad26696b453bdfa84b492d64902ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert
__errno
__getreent
__main
__mb_cur_max
_acl32
_chown32
_ctype_
_exit
_fchown32
_fcntl64
_fstat64
_ftruncate64
_getegid32
_geteuid32
_getgid32
_getgroups32
_getuid32
_impure_ptr
_lchown32
_lseek64
_lstat64
_mknod32
_open64
_setregid32
_setreuid32
_stat64
abort
access
atexit
btowc
calloc
chdir
chmod
close
closedir
cygwin_internal
dirfd
dll_crt0__FP11per_process
dup
exit
fchdir
fchmod
fclose
fflush
fprintf
fputs
free
futimes
getcwd
getenv
getline
getpagesize
isatty
iswalnum
iswctype
iswlower
iswprint
link
longjmp
malloc
mbrtowc
mbsinit
memchr
memcpy
memmove
mempcpy
memset
mkdir
nl_langinfo
opendir
pathconf
printf
putc_unlocked
putchar_unlocked
read
readdir
readlink
realloc
rename
rewinddir
rmdir
setjmp
setlocale
sprintf
strcasecmp
strchr
strcmp
strcpy
strerror_r
strlen
strncmp
strndup
strspn
symlink
towlower
towupper
umask
unlink
utimes
vfprintf
wcrtomb
wcscoll
wctype
write

cygintl-8

libintl_bindtextdomain
libintl_gettext
libintl_textdomain

kernel32

GetModuleHandleA

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

822ad26696b453bdfa84b492d64902ed

Headers

File Characteristics

Imports

cygwin1

cygintl-8

kernel32

Sections

.text Size: 108KB - Virtual size: 107KB

.data Size: 512B - Virtual size: 112B

.rdata Size: 11KB - Virtual size: 11KB

.bss Size: - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.text
Size: 108KB - Virtual size: 107KB

.data
Size: 512B - Virtual size: 112B

.rdata
Size: 11KB - Virtual size: 11KB

.bss
Size: - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB