8fd02f49fe47f45cb30dfb4211b3e592

Sharing

Copy URL

Twitter E-mail

General

Target

8fd02f49fe47f45cb30dfb4211b3e592
Size

494KB
MD5

8fd02f49fe47f45cb30dfb4211b3e592
SHA1

03308e61d2fb50b6d74f37e426b8dbf4d463743f
SHA256

a3ebb207861ffd5e0d93a7799421b2167be19bc23c4521b84651436da2aaa886
SHA512

5decea86ad0608d8a3505fa6680b39837132cff9fdddd8f82cfc5fc801a319d8e87652bf0dbc700b86c7cfce174cd343e52dab6861aa529a88df897256c0de46
SSDEEP

6144:bAj3qxKOWTzMvk5UjMOzjXgw9aoe/NvxuR+uObsling:bAj32hoZOXXgw9ENG+ucsOg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fd02f49fe47f45cb30dfb4211b3e592

Files

8fd02f49fe47f45cb30dfb4211b3e592
.exe windows:4 windows x86 arch:x86

14f6d9537c317f7a9e7d9cfe6245c528

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert
__errno
__getreent
__main
__mb_cur_max
_chown32
_ctype_
_exit
_fcntl64
_fdopen64
_fopen64
_freopen64
_fstat64
_ftruncate64
_geteuid32
_getgid32
_getgrgid32
_getgrnam32
_getpwuid32
_getuid32
_impure_ptr
_lchown32
_lseek64
_lstat64
_mknod32
_open64
_setgid32
_setuid32
_stat64
_tzname
abort
access
atoi
atol
btowc
calloc
chdir
chmod
clock_gettime
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
execl
execlp
execv
exit
fchdir
fclose
fflush
fileno
flockfile
fork
fprintf
fputc
fputs
free
fscanf
fseek
fsync
funlockfile
futimes
fwrite
getc_unlocked
getcwd
getenv
getline
getpagesize
getpid
getpwnam
gettimeofday
gmtime
ioctl
iswalnum
iswctype
iswlower
iswprint
kill
link
localeconv
localtime
localtime_r
malloc
mbrtowc
mbsinit
mbsrtowcs
memchr
memcpy
memmove
mempcpy
memset
mkdir
mkdtemp
mkfifo
nl_langinfo
opendir
pathconf
pipe
putc_unlocked
qsort
read
readdir
readlink
realloc
rename
rmdir
setenv
setlocale
signal
sleep
snprintf
sprintf
strcat
strchr
strcmp
strcpy
strdup
strerror
strerror_r
strlen
strncasecmp
strncmp
strncpy
strndup
strspn
strtoimax
strtok
strtoul
strtoumax
symlink
sysconf
time
towlower
towupper
umask
unlink
unsetenv
utimes
vfprintf
vsnprintf
waitpid
wcrtomb
wcscat
wcscoll
wcslen
wctype
wmemchr
wmemcpy
write

cygiconv-2

libiconv
libiconv_open

cygintl-8

libintl_bindtextdomain
libintl_dgettext
libintl_gettext
libintl_ngettext
libintl_textdomain

kernel32

GetACP
GetModuleHandleA

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14f6d9537c317f7a9e7d9cfe6245c528

Headers

File Characteristics

Imports

cygwin1

cygiconv-2

cygintl-8

kernel32

Sections

.text Size: 243KB - Virtual size: 242KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 37KB - Virtual size: 36KB

.bss Size: - Virtual size: 5KB

.idata Size: 5KB - Virtual size: 4KB

.text
Size: 243KB - Virtual size: 242KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 37KB - Virtual size: 36KB

.bss
Size: - Virtual size: 5KB

.idata
Size: 5KB - Virtual size: 4KB