cde1e20e47c896d0e815f22c3f48920f

General

Target

cde1e20e47c896d0e815f22c3f48920f
Size

130KB
MD5

cde1e20e47c896d0e815f22c3f48920f
SHA1

d1d4cd76ee1f3c7c0b58d7f44f9a2532d67bc1e0
SHA256

e954e18c4343c71f0304ee72025fef67757a1142796aca8ccef379014cafde58
SHA512

d10dc32672c3034ea0a774515c94e7ec42558cb758a9fe0d9fc23a1238aa4d349494e1e152dbb1be42f82af70f642d2cf2567efb6b8efc76f76d6d3e16a2cff0
SSDEEP

1536:4jnBDvoRRl14rQcWAkN7GAlqbkfAGQGV8aMbrNyrf1w+noPvaeBsCXK15Zr6t:KBDv8TmZWXyaiedMbrN6pnoXPBsr5Zrs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cde1e20e47c896d0e815f22c3f48920f

Files

cde1e20e47c896d0e815f22c3f48920f
.exe windows:4 windows x86 arch:x86

592ad9eecee89935280f090a1ab9c8e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__main
_fopen64
_impure_ptr
calloc
cygwin_conv_to_full_posix_path
cygwin_conv_to_full_win32_path
cygwin_conv_to_posix_path
cygwin_conv_to_win32_path
cygwin_internal
cygwin_posix_to_win32_path_list
cygwin_posix_to_win32_path_list_buf_size
cygwin_win32_to_posix_path_list
cygwin_win32_to_posix_path_list_buf_size
dll_crt0__FP11per_process
exit
fgets
fprintf
free
getopt_long
isspace
malloc
optarg
optind
perror
printf
puts
realloc
setbuf
setmode
strcasecmp
strcat
strchr
strcpy
strdup
strerror
strlen
strncpy
strrchr
strtoul

kernel32

CloseHandle
FindFirstFileA
GetLastError
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetWindowsDirectoryA
LoadLibraryA
SetLastError

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 336B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

592ad9eecee89935280f090a1ab9c8e0

Headers

File Characteristics

Imports

cygwin1

kernel32

shell32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 416B

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 336B

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 416B

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 336B

.idata
Size: 2KB - Virtual size: 1KB