info[.]exe | Triage

General

Target

info.exe
Size

169KB
MD5

26c0e799f41c09134d9ca10c1666ee2b
SHA1

945a285fe948d63290085c289170258f4b865636
SHA256

f0ed51947d7d1adf80c8ecd52ba79f2ca8b48b5c7c67d7c414e51b2485b238b8
SHA512

2e523ba8c0dcbf6a086f3b50c7ea4a4d80349aed7850e5ad7e77b78ef068a48eaa69dd1837419742969637d8f0cf5d8ee1a75f768c2da65fe619bfd6f361c14d
SSDEEP

3072:f5dh2ccUBubOF4Mw74TL4y9EanRt9+bxrFBO4H1yUeTWOuG/YuP:x/2ccUBZFfzuaCxZZV88uP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
info.exe

Files

info.exe
.exe windows:4 windows x86 arch:x86

09e6e258763fbf07148b6e9e5b4a1e95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msys-intl-8

__printf__
libintl_bindtextdomain
libintl_fprintf
libintl_gettext
libintl_sprintf
libintl_textdomain
libintl_vfprintf

msys-1.0

__assert
__errno
__main
__mb_cur_max
_ctype_
_setmode
abort
access
atoi
atol
calloc
close
cygwin_conv_to_posix_path
cygwin_internal
dll_crt0__FP11per_process
dup2
endpwent
execv
exit
fclose
fcntl
fflush
fileno
fopen
fork
fputs
fread
free
freopen
fwrite
getcwd
getenv
getpid
getpwnam
getpwuid
getuid
ioctl
isatty
kill
lseek
malloc
mbtowc
memchr
memcpy
memset
open
pclose
pipe
popen
putc
puts
qsort
read
realloc
select
setbuf
setlocale
setvbuf
sigaction
sigaddset
sigemptyset
signal
sigprocmask
sleep
sprintf
stat
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strtol
tcflow
tcgetattr
tcsetattr
vsnprintf
wait

msys-regex-1

regcomp
regerror
regexec
regfree

msys-termcap-0

BC
PC
ospeed
tgetent
tgetflag
tgetnum
tgetstr
tgoto
tputs
BC
PC
ospeed

kernel32

GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_cy
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

09e6e258763fbf07148b6e9e5b4a1e95

Headers

File Characteristics

Imports

msys-intl-8

msys-1.0

msys-regex-1

msys-termcap-0

kernel32

Sections

.text Size: 139KB - Virtual size: 139KB

.data Size: 25KB - Virtual size: 24KB

.data_cy Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 2KB

.text
Size: 139KB - Virtual size: 139KB

.data
Size: 25KB - Virtual size: 24KB

.data_cy
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 2KB