a68189af8b990694161387bc069447a13425e417051ed911a7966fdb16bcb7c6

Sharing

Copy URL

Twitter E-mail

General

Target

a68189af8b990694161387bc069447a13425e417051ed911a7966fdb16bcb7c6
Size

71KB
MD5

dd03df1195abb548cbeb315e1bc8bdd8
SHA1

20a68e5d3aab5540494f90795583c8ab14d62bbf
SHA256

a68189af8b990694161387bc069447a13425e417051ed911a7966fdb16bcb7c6
SHA512

5beaf3812ced697b78959cb27bb811cdb01638a5b9fc5acd1219aecddc24d1c6a65e38bcd69a49f18ff73d02a6f8507be1e475ae5534a3499c9a04a7ac716400
SSDEEP

768:dllhPrfxfpeNBGwfUMgNo8fVaomV7KgAKbjLlNXVt8kAB2pcTOiWT1Niqbo8jUTQ:hFr26cgNffVaoWK5cjLlITOvpUXuruW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a68189af8b990694161387bc069447a13425e417051ed911a7966fdb16bcb7c6

Files

a68189af8b990694161387bc069447a13425e417051ed911a7966fdb16bcb7c6
.exe windows:4 windows x64 arch:x64

060f6baa00d70277c27c25f3fef9bd00

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Imports

msys-intl-8

libintl_bindtextdomain
libintl_gettext
libintl_setlocale
libintl_textdomain

msys-2.0

__assert_func
__cxa_atexit
__errno
__getreent
__locale_ctype_ptr
__locale_mb_cur_max
__main
__memcpy_chk
__sprintf_chk
__strcpy_chk
_dll_crt0
_exit
_impure_ptr
abort
access
calloc
chdir
close
closedir
cygwin_conv_path
cygwin_internal
dll_dllcrt0
error
exit
explicit_bzero
fchdir
fclose
fcntl
fdopen
fdopendir
fflush
fileno
fopen
fpathconf
fprintf
fputc_unlocked
fputs_unlocked
fread_unlocked
free
fseeko
fstat
fstatat
fwrite
getcwd
getenv
geteuid
getgid
getline
getopt_long
getpid
getppid
gettimeofday
getuid
iswprint
link
linkat
lstat
malloc
mbrtowc
mbsinit
memchr
memcmp
memcpy
memmove
memrchr
memset
mkdir
msys_detach_dll
nl_langinfo
open
openat
optarg
optind
pathconf
posix_memalign
printf
program_invocation_name
program_invocation_short_name
pthread_mutex_lock
pthread_mutex_unlock
putc_unlocked
read
readdir
readlink
readlinkat
realloc
renameat
renameat2
rewinddir
rpmatch
setlocale
setvbuf
sprintf
stat
stpcpy
strcasecmp
strchr
strcmp
strcpy
strlen
strncmp
strrchr
strspn
symlinkat
tolower
toupper
unlinkat

kernel32

GetACP
GetModuleHandleA
GetModuleHandleW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

060f6baa00d70277c27c25f3fef9bd00

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msys-intl-8

msys-2.0

kernel32

Sections

.text Size: 45KB - Virtual size: 45KB

.data Size: 512B - Virtual size: 256B

.rdata Size: 12KB - Virtual size: 11KB

.buildid Size: 512B - Virtual size: 53B

.pdata Size: 3KB - Virtual size: 2KB

.xdata Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 5KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 148B

.text
Size: 45KB - Virtual size: 45KB

.data
Size: 512B - Virtual size: 256B

.rdata
Size: 12KB - Virtual size: 11KB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 5KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 148B