578e64159e0db60554b8680d542de023

General

Target

578e64159e0db60554b8680d542de023
Size

82KB
MD5

578e64159e0db60554b8680d542de023
SHA1

8b26f32e97b9c48e2e1833268aa17406ac8f932c
SHA256

e0387cf3f66ab88ff625cf23c83ec9902c9f6b1f688ec08f417ce664ecdb12f3
SHA512

66cd95b3df234fdd95bebf61f9e6fce02cc3e9524f6fe184c0f6f79fe7f549a6f064672e6bdc6699f46fe330deaea0f3b2de34d5da7e855c41f92d3f6ebe320e
SSDEEP

384:qGDoRpRzfJvofihBI+TIIxXmrUrDnNcYPbOiu41SLws6lgQ6tiy:bcjZJvofQftBDnGGbOj41SkslQ6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
578e64159e0db60554b8680d542de023

Files

578e64159e0db60554b8680d542de023
.exe windows:4 windows x86 arch:x86

592ad9eecee89935280f090a1ab9c8e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_fopen64
_impure_ptr
calloc
cygwin_conv_to_full_posix_path
cygwin_conv_to_full_win32_path
cygwin_conv_to_posix_path
cygwin_conv_to_win32_path
cygwin_internal
cygwin_posix_to_win32_path_list
cygwin_posix_to_win32_path_list_buf_size
cygwin_win32_to_posix_path_list
cygwin_win32_to_posix_path_list_buf_size
dll_crt0__FP11per_process
exit
fgets
fprintf
free
getopt_long
isspace
malloc
optarg
optind
perror
printf
puts
realloc
setbuf
setmode
strcasecmp
strcat
strchr
strcpy
strdup
strerror
strlen
strncpy
strrchr
strtoul

kernel32

CloseHandle
FindFirstFileA
GetLastError
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetWindowsDirectoryA
LoadLibraryA
SetLastError

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 336B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

592ad9eecee89935280f090a1ab9c8e0

Headers

File Characteristics

Imports

cygwin1

kernel32

shell32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 416B

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 336B

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 416B

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 336B

.idata
Size: 2KB - Virtual size: 1KB