990c8a51e1361247a351a05764ed4173

Sharing

Copy URL Twitter E-mail

General

Target

990c8a51e1361247a351a05764ed4173
Size

494KB
MD5

990c8a51e1361247a351a05764ed4173
SHA1

6093f93aacea4574739e8130d6b26b4d9b05c5f1
SHA256

283413503aac524720787277b3896481965949ed40707553ee1d4777d030e848
SHA512

a109ab6f896e892451c13518bbe26963f25d2998b2cf2ddca22554d9900e1a03fc6a2d79122b8e701684db7a14b9c457b0f6d99dd3420432024c80b9dc217133
SSDEEP

6144:bAj3qxKOWTzMvk5UjMOzjXgw9aoe/NvxuR+uObslinL:bAj32hoZOXXgw9ENG+ucsOL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
990c8a51e1361247a351a05764ed4173

Files

990c8a51e1361247a351a05764ed4173
.exe windows:4 windows x86 arch:x86

14f6d9537c317f7a9e7d9cfe6245c528

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert
__errno
__getreent
__main
__mb_cur_max
_chown32
_ctype_
_exit
_fcntl64
_fdopen64
_fopen64
_freopen64
_fstat64
_ftruncate64
_geteuid32
_getgid32
_getgrgid32
_getgrnam32
_getpwuid32
_getuid32
_impure_ptr
_lchown32
_lseek64
_lstat64
_mknod32
_open64
_setgid32
_setuid32
_stat64
_tzname
abort
access
atoi
atol
btowc
calloc
chdir
chmod
clock_gettime
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
execl
execlp
execv
exit
fchdir
fclose
fflush
fileno
flockfile
fork
fprintf
fputc
fputs
free
fscanf
fseek
fsync
funlockfile
futimes
fwrite
getc_unlocked
getcwd
getenv
getline
getpagesize
getpid
getpwnam
gettimeofday
gmtime
ioctl
iswalnum
iswctype
iswlower
iswprint
kill
link
localeconv
localtime
localtime_r
malloc
mbrtowc
mbsinit
mbsrtowcs
memchr
memcpy
memmove
mempcpy
memset
mkdir
mkdtemp
mkfifo
nl_langinfo
opendir
pathconf
pipe
putc_unlocked
qsort
read
readdir
readlink
realloc
rename
rmdir
setenv
setlocale
signal
sleep
snprintf
sprintf
strcat
strchr
strcmp
strcpy
strdup
strerror
strerror_r
strlen
strncasecmp
strncmp
strncpy
strndup
strspn
strtoimax
strtok
strtoul
strtoumax
symlink
sysconf
time
towlower
towupper
umask
unlink
unsetenv
utimes
vfprintf
vsnprintf
waitpid
wcrtomb
wcscat
wcscoll
wcslen
wctype
wmemchr
wmemcpy
write

cygiconv-2

libiconv
libiconv_open

cygintl-8

libintl_bindtextdomain
libintl_dgettext
libintl_gettext
libintl_ngettext
libintl_textdomain

kernel32

GetACP
GetModuleHandleA

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14f6d9537c317f7a9e7d9cfe6245c528

Headers

File Characteristics

Imports

cygwin1

cygiconv-2

cygintl-8

kernel32

Sections

.text Size: 243KB - Virtual size: 242KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 37KB - Virtual size: 36KB

.bss Size: - Virtual size: 5KB

.idata Size: 5KB - Virtual size: 4KB

.text
Size: 243KB - Virtual size: 242KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 37KB - Virtual size: 36KB

.bss
Size: - Virtual size: 5KB

.idata
Size: 5KB - Virtual size: 4KB