c9fa04551076defb8e64080b3047adab7c1e01cf2d994ddbe7acc99006d7e8f4

Sharing

Copy URL

Twitter E-mail

General

Target

c9fa04551076defb8e64080b3047adab7c1e01cf2d994ddbe7acc99006d7e8f4
Size

29KB
MD5

8cd6a73dba5fe4e7bf84a9f2039c3cda
SHA1

94259ee81fb22cdc3f4198d2aabc1d9f084e5bd2
SHA256

c9fa04551076defb8e64080b3047adab7c1e01cf2d994ddbe7acc99006d7e8f4
SHA512

3ce89bc41dd4bc45569c71d3a4246b0f4bde65fc0599407bcb65618278657db022ed552d5e3c62d5f51962c335cd7f769ff1c1bbc085f385842a726d71a1b2e7
SSDEEP

384:QPKhmKSQRvsbQuLIGJF4nle90NEtJpV8IlZ63eRNjBQ57+VX:QPgmyaQuale5NNT6ONjG5a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9fa04551076defb8e64080b3047adab7c1e01cf2d994ddbe7acc99006d7e8f4

Files

c9fa04551076defb8e64080b3047adab7c1e01cf2d994ddbe7acc99006d7e8f4
.dll windows:4 windows x64 arch:x64

71e3370fb474142445c5e49777439408

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Imports

cygwin1

__cxa_atexit
__errno
__locale_ctype_ptr
__memcpy_chk
__stack_chk_fail
__stack_chk_guard
_impure_ptr
calloc
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
free
iswprint
malloc
mbstowcs
posix_memalign
realloc
strcmp
strdup
strlen
toupper
wcwidth

kernel32

GetModuleHandleA

cygncursesw-10

SP
_nc_screen_of
copywin
delwin
getmouse
mvderwin
ncwrap_TABSIZE
ncwrap_stdscr
newpad
subpad
ungetmouse
waddch
waddnstr
wattr_off
wattr_on
wbkgdset
wcursyncup
wenclose
werase
wmouse_trafo
wmove
wsyncup
wtouchln

Exports

Exports

_nc_Calculate_Item_Length_and_Width
_nc_Calculate_Text_Width
_nc_Connect_Items
_nc_Default_Item
_nc_Default_Menu
_nc_Disconnect_Items
_nc_Draw_Menu
_nc_Link_Items
_nc_Match_Next_Character_In_Item_Name
_nc_New_TopRow_and_CurrentItem
_nc_Post_Item
_nc_Show_Menu
_nc_menu_cursor_pos
current_item
free_item
free_menu
item_count
item_description
item_index
item_init
item_name
item_opts
item_opts_off
item_opts_on
item_term
item_userptr
item_value
item_visible
menu_back
menu_driver
menu_fore
menu_format
menu_grey
menu_init
menu_items
menu_mark
menu_opts
menu_opts_off
menu_opts_on
menu_pad
menu_pattern
menu_request_by_name
menu_request_name
menu_spacing
menu_sub
menu_term
menu_userptr
menu_win
new_item
new_menu
new_menu_sp
pos_menu_cursor
post_menu
scale_menu
set_current_item
set_item_init
set_item_opts
set_item_term
set_item_userptr
set_item_value
set_menu_back
set_menu_fore
set_menu_format
set_menu_grey
set_menu_init
set_menu_items
set_menu_mark
set_menu_opts
set_menu_pad
set_menu_pattern
set_menu_spacing
set_menu_sub
set_menu_term
set_menu_userptr
set_menu_win
set_top_row
top_row
unpost_menu

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 464B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71e3370fb474142445c5e49777439408

Headers

File Characteristics

PDB Paths

Imports

cygwin1

kernel32

cygncursesw-10

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 384B

.rdata Size: 2KB - Virtual size: 1KB

.buildid Size: 512B - Virtual size: 53B

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1024B - Virtual size: 784B

.bss Size: - Virtual size: 464B

.edata Size: 2KB - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 40B

/4 Size: 512B - Virtual size: 24B

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 384B

.rdata
Size: 2KB - Virtual size: 1KB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1024B - Virtual size: 784B

.bss
Size: - Virtual size: 464B

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 40B

/4
Size: 512B - Virtual size: 24B