c2df96122c34cf021656099ecfc4f5f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2df96122c34cf021656099ecfc4f5f5
Size

27KB
MD5

c2df96122c34cf021656099ecfc4f5f5
SHA1

38b94180a0e06caecd8a71ba3bd7046b1a8f76d8
SHA256

307fcbb037a4367d87ed68dc2143594f6e53b5fba93057bd041641662099355c
SHA512

a948b6ed550df646c1b5bcb3714955f3889f55f8a9b37f4082130ff280ca041c35ecdeabddf6ec413df2f4358f5241cb3598ac095b4ece7dbf76281c1b782253
SSDEEP

384:6TFIbnnvjfOy6VCD4yXeZ/u+p43V3VZoCyPxjzaf1rOl9GMQWIf6+xU0fbppi8SU:g0bkNyXfR+jzC1rG9KTxljeI1WMU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2df96122c34cf021656099ecfc4f5f5

Files

c2df96122c34cf021656099ecfc4f5f5
.exe windows:4 windows x86 arch:x86

f6ab34c1c9625a43623c16cfc23bd527

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_fopen64
_impure_ptr
_lstat64
_stat64
atol
calloc
chmod
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fgets
fprintf
fread
free
fseek
ftell
fwrite
malloc
mktemp
perror
printf
putc
puts
qsort
realloc
rename
signal
sprintf
strcpy
strlen
strrchr
unlink

kernel32

GetModuleHandleA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE