d0a7ba86ba801a902e9858bb9b22bf422e03fa15b52b3635cf5c1d6501871166

Sharing

Copy URL Twitter E-mail

General

Target

d0a7ba86ba801a902e9858bb9b22bf422e03fa15b52b3635cf5c1d6501871166
Size

110KB
MD5

2e8c091519944a16cdb8f4bcb5f991ed
SHA1

dbfefc1932bfd1e5184a07f42f66292b36b1968f
SHA256

d0a7ba86ba801a902e9858bb9b22bf422e03fa15b52b3635cf5c1d6501871166
SHA512

ebb857a939ed15c3c8c0a4c0d0fb20ac900f591a27776a192ad6add4342ec7490362e5c3d70aad9c1934274b6a7a0993af733ad894cfea95cf853828c678ebf8
SSDEEP

3072:wi0e5I74B/TaJyMIfuqeoef96VrpI+uR1APyFrf53OdF2v1QhVv:wi0e5I7k/TaJyMIf/ef98rfdF2v1QhVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0a7ba86ba801a902e9858bb9b22bf422e03fa15b52b3635cf5c1d6501871166

Files

d0a7ba86ba801a902e9858bb9b22bf422e03fa15b52b3635cf5c1d6501871166
.exe windows:4 windows x64 arch:x64

a4ecc4400f4f77ff392b2172c7070913

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

Imports

cygcurl-4

curl_easy_cleanup
curl_easy_init
curl_easy_perform
curl_easy_setopt
curl_easy_strerror
curl_global_init

cygwin1

__cxa_atexit
__main
_dll_crt0
_impure_ptr
calloc
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
fclose
fopen
free
fwrite
malloc
posix_memalign
realloc
strlen
system

cyggcc_s-seh-1

_Unwind_Resume

cygstdc++-6

_ZNKSs13get_allocatorEv
_ZNKSs4sizeEv
_ZNKSs5c_strEv
_ZNKSs6lengthEv
_ZNKSscvSt17basic_string_viewIcSt11char_traitsIcEEEv
_ZNKSt10filesystem4path5_List13_Impl_deleterclEPNS1_5_ImplE
_ZNSaIcEC1ERKS_
_ZNSaIcEC1Ev
_ZNSaIcED1Ev
_ZNSi3getEv
_ZNSi5tellgEv
_ZNSolsEPFRSoS_E
_ZNSs12_Alloc_hiderC1EPcRKSaIcE
_ZNSs12_S_empty_repEv
_ZNSs12__sv_wrapperC1ESt17basic_string_viewIcSt11char_traitsIcEE
_ZNSs13_S_copy_charsEPcPKcS1_
_ZNSs17_S_to_string_viewESt17basic_string_viewIcSt11char_traitsIcEE
_ZNSs3endEv
_ZNSs4_Rep10_M_refdataEv
_ZNSs4_Rep26_M_set_length_and_sharableEm
_ZNSs4_Rep9_S_createEmmRKSaIcE
_ZNSs4backEv
_ZNSs5beginEv
_ZNSs6appendEPKc
_ZNSs6appendEPKcm
_ZNSs6appendERKSs
_ZNSs7reserveEm
_ZNSsC1ENSs12__sv_wrapperERKSaIcE
_ZNSsC1EOSs
_ZNSsC1EPKcmRKSaIcE
_ZNSsC1ERKSaIcE
_ZNSsC1ERKSs
_ZNSsD1Ev
_ZNSsaSERKSs
_ZNSspLEc
_ZNSt10filesystem19temp_directory_pathEv
_ZNSt10filesystem4path14_M_split_cmptsEv
_ZNSt10filesystem4path5_ListC1ERKS1_
_ZNSt10filesystem4path5_ListC1Ev
_ZNSt10filesystem4pathdVERKS0_
_ZNSt14basic_ifstreamIcSt11char_traitsIcEE7is_openEv
_ZNSt14basic_ifstreamIcSt11char_traitsIcEEC1ERKSsSt13_Ios_Openmode
_ZNSt14basic_ifstreamIcSt11char_traitsIcEED1Ev
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt19__throw_logic_errorPKc
_ZSt3cin
_ZSt4cerr
_ZSt4cout
_ZSt4endlIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZStlsIcSt11char_traitsIcESaIcEERSt13basic_ostreamIT_T0_ES7_RKSbIS4_S5_T1_E
__gxx_personality_seh0

kernel32

GetModuleHandleA
GetTempPathA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4ecc4400f4f77ff392b2172c7070913

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cygcurl-4

cygwin1

cyggcc_s-seh-1

cygstdc++-6

kernel32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 96B

.rdata Size: 1KB - Virtual size: 1KB

.buildid Size: 512B - Virtual size: 53B

.pdata Size: 1024B - Virtual size: 888B

.xdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 480B

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 32B

/4 Size: 1024B - Virtual size: 560B

/19 Size: 27KB - Virtual size: 26KB

/31 Size: 3KB - Virtual size: 3KB

/45 Size: 2KB - Virtual size: 2KB

/57 Size: 1024B - Virtual size: 736B

/70 Size: 512B - Virtual size: 131B

/81 Size: 5KB - Virtual size: 4KB

/97 Size: 1024B - Virtual size: 632B

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 96B

.rdata
Size: 1KB - Virtual size: 1KB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 1024B - Virtual size: 888B

.xdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 480B

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 32B

/4
Size: 1024B - Virtual size: 560B

/19
Size: 27KB - Virtual size: 26KB

/31
Size: 3KB - Virtual size: 3KB

/45
Size: 2KB - Virtual size: 2KB

/57
Size: 1024B - Virtual size: 736B

/70
Size: 512B - Virtual size: 131B

/81
Size: 5KB - Virtual size: 4KB

/97
Size: 1024B - Virtual size: 632B