147134c72a36d2bc386fbcfafd40bdb5

General

Target

147134c72a36d2bc386fbcfafd40bdb5
Size

217KB
MD5

147134c72a36d2bc386fbcfafd40bdb5
SHA1

939fb01a803ef23ef826e2648d08e33729c6c59b
SHA256

f4a843f37a4493e80806460669f0f743df77668b987c8506d523c83235f4d50f
SHA512

2fde4735f88002b94c7a6fb9c2dccc32bd7ff2a3390129e05cea56d6be57bebe87782de002936dca9aae4db7535828a6cc20947bd10cf3a1f77ebf64e5fd5677
SSDEEP

3072:SbyImae22O36C3YvcuUoT+IMCpQ2/fO23tU2Cy6gKV6Y:SuOp3YRT+IpQwpdU2CyRA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
147134c72a36d2bc386fbcfafd40bdb5

Files

147134c72a36d2bc386fbcfafd40bdb5
.exe windows:4 windows x86 arch:x86

98b1227c8cb1a063f350bd6b1d9c6ce0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygcrypt-0

crypt

cygwin1

__assert
__errno
__getreent
__main
_fcntl64
_fstat64
_geteuid32
_getpwuid32
_impure_ptr
_lseek64
_open64
_setgid32
_setgroups32
_setuid32
_stat64
_truncate64
abort
accept
alarm
atof
atoi
atol
bind
calloc
chdir
chroot
close
closedir
connect
cygwin_internal
dll_crt0__FP11per_process
dup
exit
fflush
fileno
fork
fprintf
free
fwrite
gethostbyname
getopt
getpeername
getpid
getpwnam
getrlimit
getrusage
getsockname
getsockopt
gettimeofday
ioctl
link
listen
localtime
malloc
memset
opendir
optarg
optind
posix_regcomp
posix_regexec
printf
pthread_atfork
putchar
puts
raise
rand
read
readdir
realloc
rename
select
setrlimit
setsid
setsockopt
shutdown
sigaction
sigaddset
sigemptyset
sigfillset
signal
sigprocmask
snprintf
socket
srand
sscanf
strcasecmp
strchr
strcmp
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strsignal
strstr
time
uname
unlink
usleep
vprintf
vsnprintf
write

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetModuleHandleA

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

98b1227c8cb1a063f350bd6b1d9c6ce0

Headers

File Characteristics

Imports

cygcrypt-0

cygwin1

kernel32

Sections

.text Size: 136KB - Virtual size: 136KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 42KB - Virtual size: 41KB

.bss Size: - Virtual size: 15KB

.idata Size: 3KB - Virtual size: 3KB

.text
Size: 136KB - Virtual size: 136KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 42KB - Virtual size: 41KB

.bss
Size: - Virtual size: 15KB

.idata
Size: 3KB - Virtual size: 3KB