cut[.]exe | Triage

Sharing

General

Target

cut.exe
Size

30KB
MD5

8286ddb41d676f49f1f22f8fa10749e8
SHA1

5c05abd787e33e5491e504b2617c7ea7d5b49baa
SHA256

fb1e2690e081fa260bdb48f928c625050f68e52cb1b43b66ab5472631a03f998
SHA512

3026a324b82075ea1588f986f2eb3323d3c5ad87526853644904303a229de85b71e28da2cae5e4a5c3165c48f4e7e660d643711b10cabbf43960c98398953edf
SSDEEP

384:GnfR5Vwwb83L1LZz+DI/69umVRdBCfgvmpJozahFKAHVQdagjBY1OQQhyPhyqVP+:Q5VOp4YoepqAKA1QwmQO0PhyqVyL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cut.exe

Files

cut.exe
.exe windows:4 windows x86 arch:x86

916ed0458e9a319be15612bf500ab3a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msys-1.0

__assert
__errno
__main
_ctype_
abort
atexit
calloc
cygwin_conv_to_posix_path
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fflush
fopen
fprintf
fputs
free
fwrite
getc
getenv
malloc
memchr
memcpy
memset
putc
qsort
realloc
setlocale
strchr
strcmp
strerror
strlen
strncmp
strspn
ungetc
vsnprintf

msys-intl-8

__printf__
libintl_bindtextdomain
libintl_fprintf
libintl_gettext
libintl_textdomain
libintl_vfprintf

kernel32

GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_cy
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 796B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE