infokey[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

infokey.exe
Size

24KB
MD5

10f98d61ff6e60f50be25c54f0cb58b6
SHA1

4b1c9b754c1278410c92dd34280d78d1ae65f7f9
SHA256

bd5dc20a8ad4f8b59d6536bfd398dc7b482267b44ac25a2e2dd0435d5844c635
SHA512

a4f2175f31e1e315b6e769e949d388d2d61280569d27bae252b7d64b5376ba591eb1a55f3fb26c359727ac36b24168dfbf6d41102bf12d68f8306eaec8e34f5b
SSDEEP

384:Yh6klgJ5wwKqlwoDK+ZE6twzD9IYtP0ViQrvzdagjBMNgJDQ09YOtwkwE:ouew1fm2E6licvzwmegJ4O0E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
infokey.exe

Files

infokey.exe
.exe windows:4 windows x86 arch:x86

eef78d390b8faf8d1df10d62fad8027a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msys-intl-8

__printf__
libintl_bindtextdomain
libintl_fprintf
libintl_gettext
libintl_textdomain
libintl_vfprintf

msys-1.0

__errno
__main
_ctype_
abort
calloc
cygwin_conv_to_posix_path
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fcntl
fflush
fgetc
fopen
fputc
fputs
free
fwrite
getenv
malloc
memcpy
memset
putc
puts
realloc
setlocale
sprintf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
unlink
vsnprintf

kernel32

GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_cy
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE