e23fa0d5fc7430a32c4a87613e0ab1b80a18b81b72f757c565902bf4c4eab908 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e23fa0d5fc7430a32c4a87613e0ab1b80a18b81b72f757c565902bf4c4eab908
Size

272KB
MD5

2d3021b33bb8871137f45d6120c430d0
SHA1

6b222a68c063ca5d8c2a9cd68763a0044ff87492
SHA256

e23fa0d5fc7430a32c4a87613e0ab1b80a18b81b72f757c565902bf4c4eab908
SHA512

af89ee065c44a436b996d163f22d60e0ba733bc5029b9d99e0f899a5a4bd31f4dcea3865e15d98d9f013bf925cb951d31d1c3891b7e20d0f99e65b370189750b
SSDEEP

6144:Ygk+p1xnmYmTzexXtOHnyhZ9uk+eLFc+uVF1VuM:hTxBKzAgHnyjXLFcUM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e23fa0d5fc7430a32c4a87613e0ab1b80a18b81b72f757c565902bf4c4eab908

Files

e23fa0d5fc7430a32c4a87613e0ab1b80a18b81b72f757c565902bf4c4eab908
.exe windows:4 windows x86 arch:x86

9d9e456767a6e701f6772683c4e0b05e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
abort
atoi
bsearch
calloc
chmod
close
ctime
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fcntl
fdopen
fflush
fgets
fileno
fopen
fprintf
fputc
fread
free
fseek
fstat
ftell
fwrite
getcwd
getenv
getgid
getuid
isspace
malloc
memchr
memcpy
memset
mktemp
open
perror
printf
putc
qsort
read
realloc
sbrk
setlocale
sprintf
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
time
umask
unlink
vfprintf

kernel32

GetModuleHandleA

Sections

.text
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE