c75d9ec9e81fe10e1cf56833f7bdc4cd

Sharing

Copy URL

Twitter E-mail

General

Target

c75d9ec9e81fe10e1cf56833f7bdc4cd
Size

12KB
MD5

c75d9ec9e81fe10e1cf56833f7bdc4cd
SHA1

63748fc2a1312db1e76fe92a594c7f66952c5277
SHA256

4f62f6e9ee07c22149eefa76d84e089eec72eed1116104240a6b90408614c33b
SHA512

1875ed16bdd2c5d5a681a47915eb83d68c5e39180f3477fc83f2db16b9807aad163cc168a56aeaf27b89c07a5ee341a20e1dbf7d85d23b1726fdb93fe39b7d5e
SSDEEP

192:RFVv/GG6l4XZ70mYDBYUwfRn4lDK7QsWkRGnd:RfGWd0VDtwfR4VK7QsWkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c75d9ec9e81fe10e1cf56833f7bdc4cd

Files

c75d9ec9e81fe10e1cf56833f7bdc4cd
.exe windows:6 windows x86 arch:x86

2271f06eda820286ec2e6c9270c5a0cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\wtf\_x86\exe.command.stage2\beep:pdb

Imports

svc.filesys

?open@File@Client@Filesystem@Services@@SA?AV?$Ref@VFile@Client@Filesystem@Services@@@@V?$Ref@VString@@@@I@Z

lib.commandline

?colorPrn@Commandline@Libraries@@YA?AV?$Ref@VCharPrinter@@@@PB_W@Z
?initCommandline@Commandline@Libraries@@YA_NIV?$Ref@VStream@Interfaces@@@@V?$Ref@VTerminal@@@@P6A?AV3@0V?$Ref@VTextDisplay@@@@@ZP6A?AV?$Ref@VString@@@@V6@PAX@Z5@Z
?colorPrn@Commandline@Libraries@@YA?AV?$Ref@VCharPrinter@@@@V?$Ref@VString@@@@@Z

svc.binary

?arg@Binary@@SA?AV?$Ref@VString@@@@I@Z
?argCount@Binary@@SAIXZ

lib.io.char

?create@CharReader@@SA?AV?$Ref@VCharReader@@@@V?$Ref@VStream@Interfaces@@@@I@Z
?split@StringUtil@@SA?AV?$Ref@V?$TVector@V?$Ref@VString@@@@@@@@V?$Ref@VString@@@@II@Z
?str@StrConv@@SA?AV?$Ref@VString@@@@I@Z
?trim@StringUtil@@SA?AV?$Ref@VString@@@@V2@@Z
?num@StrConv@@SA_NV?$Ref@VString@@@@PAI@Z
?create@CharScanner@@SA?AV?$Ref@VCharScanner@@@@V?$Ref@VCharReader@@@@@Z

svc.sysint

?create@Speaker@Client@SysInt@Services@@SA?AV?$Ref@VSpeaker@Client@SysInt@Services@@@@I@Z

system

?create@String@@SA?AV?$Ref@VString@@@@PB_WII@Z
?decRef@Object@@UAEXXZ
?free@Heap@@SAXPAXI0@Z
?alloc@Heap@@SAPAXIIPAX@Z
?setExitCode@Proc@@SAII@Z
?lock@InitCode@@SAXXZ
?unlock@InitCode@@SAXXZ

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2271f06eda820286ec2e6c9270c5a0cc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

svc.filesys

lib.commandline

svc.binary

lib.io.char

svc.sysint

system

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 820B

.rsrc Size: 1024B - Virtual size: 832B

.reloc Size: 512B - Virtual size: 404B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 820B

.rsrc
Size: 1024B - Virtual size: 832B

.reloc
Size: 512B - Virtual size: 404B