du[.]exe | Triage

General

Target

du.exe
Size

73KB
MD5

5117c2a0e14c385fcf81a827a6c03c63
SHA1

1265aace5a89036de510414d46e5c762c6301894
SHA256

c557e9fc0ff6bbb99ea1b2364d89fd048293d77e540171a29d2a7bcf03c20c44
SHA512

de5a1e1b15288587f452e83f8f6c99f6f5aeccc5e33a4bc36bb667c974f186c0147ab5ff2e6abb3ebe396bd87ecb4a6a2df0c11ce75c0bc35e99010c1a0549ac
SSDEEP

1536:mSDOfJd2RC6kGdWl9OYx4+DY9+2OQ+nwxJ1zKfOu:mSGeRC6kGdO9OYbmVEwxvmf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
du.exe

Files

du.exe
.exe windows:4 windows x86 arch:x86

e654e4ca6948a263baf58473c3113c3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msys-1.0

__assert
__errno
__main
_ctype_
_tzname
abort
asctime
atexit
calloc
close
closedir
ctime
cygwin_conv_to_posix_path
cygwin_internal
dirfd
dll_crt0__FP11per_process
exit
fchdir
fclose
fcntl
fflush
fgetc
fopen
fprintf
fputc
fputs
free
freopen
fstat
fwrite
getc
getenv
gmtime
localeconv
localtime
lstat
malloc
mblen
memchr
memcpy
memmove
memset
open
opendir
putc
qsort
readdir
realloc
setlocale
stat
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncasecmp
strncmp
strrchr
strtoul
tzset
vsnprintf

msys-intl-8

__printf__
libintl_bindtextdomain
libintl_fprintf
libintl_gettext
libintl_sprintf
libintl_textdomain
libintl_vfprintf

kernel32

GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_cy
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 876B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e654e4ca6948a263baf58473c3113c3d

Headers

File Characteristics

Imports

msys-1.0

msys-intl-8

kernel32

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 10KB - Virtual size: 10KB

.data_cy Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 876B

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 10KB - Virtual size: 10KB

.data_cy
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 876B

.idata
Size: 2KB - Virtual size: 1KB