Static task
static1
Behavioral task
behavioral1
Sample
dcf98000aea0e5d53329b288dc3e8d3d30ba178f5de54f6abe77d4cc49b91831.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
dcf98000aea0e5d53329b288dc3e8d3d30ba178f5de54f6abe77d4cc49b91831.exe
Resource
win10v2004-20240226-en
General
-
Target
dcf98000aea0e5d53329b288dc3e8d3d30ba178f5de54f6abe77d4cc49b91831
-
Size
1.3MB
-
MD5
7887a1b98e467a1df567687862edc3dd
-
SHA1
a80d39a60da263d9c0616c1ca968b4b9ea0e04fd
-
SHA256
dcf98000aea0e5d53329b288dc3e8d3d30ba178f5de54f6abe77d4cc49b91831
-
SHA512
bcdbcae665eedeacf70e582702852b303139a856e2777ea7fc56bf98c7633b63a7aa6948c7b1dc3034500c780593882c883204c4494ce4eaaa2cb85105395a53
-
SSDEEP
24576:vbOHSVFllT0TKvXrauuK7jc4PUJys0rw+:DOHSVFllTXvRuKIJysKw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
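Checks for missing Authenticode signature. The sample is an unsigned PE, so its publisher and integrity cannot be verified from the file itself; many legitimate binaries are also unsigned, so this is a low-confidence indicator on its own.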
resource dcf98000aea0e5d53329b288dc3e8d3d30ba178f5de54f6abe77d4cc49b91831
Files
-
dcf98000aea0e5d53329b288dc3e8d3d30ba178f5de54f6abe77d4cc49b91831.exe windows:4 windows x86 arch:x86
0e235c73c5f95f752041e5cf16b82f9f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msys-crypto-1.0.0
BN_CTX_free
BN_CTX_new
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_dup
BN_new
BN_num_bits
BN_sub
BN_value_one
CRYPTO_free
DSA_SIG_free
DSA_SIG_new
DSA_do_sign
DSA_do_verify
DSA_free
DSA_generate_key
DSA_generate_parameters
DSA_new
ERR_error_string
ERR_get_error
EVP_DigestFinal
EVP_DigestInit
EVP_DigestUpdate
EVP_get_digestbyname
EVP_md5
EVP_sha1
MD5_Final
MD5_Init
MD5_Update
OBJ_nid2sn
OPENSSL_add_all_algorithms_noconf
RAND_bytes
RAND_status
RC4
RC4_set_key
RSA_blinding_on
RSA_free
RSA_generate_key
RSA_get_default_method
RSA_new
RSA_private_decrypt
RSA_public_decrypt
RSA_public_encrypt
RSA_set_method
RSA_sign
RSA_size
SSLeay
msys-1.0
__errno
__main
_ctype_
_exit
abort
accept
atoi
bind
calloc
chdir
close
closelog
cygwin_conv_to_posix_path
cygwin_internal
dll_crt0__FP11per_process
dup2
execlp
execvp
exit
fcntl
fflush
fgetc
fgets
fork
fprintf
fputc
free
fwrite
getegid
getenv
geteuid
getgid
getgroups
gethostbyaddr
gethostbyname
getpid
getpwnam
getpwuid
getservbyname
getsockopt
gettimeofday
getuid
inet_aton
inet_ntoa
initgroups
isatty
kill
listen
lstat
malloc
memcpy
memmove
memset
mkdir
open
openlog
pathconf
perror
pipe
poll
printf
puts
read
readv
realloc
rmdir
select
setegid
setenv
seteuid
setgid
setmode
setrlimit
setsid
setsockopt
setuid
sigaction
sigemptyset
snprintf
socket
socketpair
stat
strcasecmp
strchr
strcmp
strcspn
strdup
strerror
strlen
strncasecmp
strncmp
strpbrk
strrchr
strsep
strspn
strtol
strtoul
syslog
tcgetattr
tcsetattr
time
umask
unlink
vsnprintf
waitpid
write
kernel32
GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile
Sections
.text Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data_cy Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 2KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE