314fa5c65c5f3db0ee8dffec752c5e40N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

314fa5c65c5f3db0ee8dffec752c5e40N.exe
Size

135KB
MD5

314fa5c65c5f3db0ee8dffec752c5e40
SHA1

e5b15b14acefefad04afed7483f0a977934098ca
SHA256

276345fd46f722e56c730a0902e2edce4c133169436f03b79d6e843d0aa0371b
SHA512

70dc78a6ae18c4bfb9e2c843df1eea452e65a71e98cfa0791cbe8fedf39d0cf6a7e2f5334dfe835cc9da6a3c3034942c7a406c1e816fcbd3f34a4f9ca2708e74
SSDEEP

3072:58Zo9Rft8F0aXWrpLCDfpqXFB29wrCkj/6AiwOIurFGk:58WRF4X0pLCfgXF0uLtYrQk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
314fa5c65c5f3db0ee8dffec752c5e40N.exe

Files

314fa5c65c5f3db0ee8dffec752c5e40N.exe
.exe windows:4 windows x86 arch:x86

9f7c7af5c2a2a8b383915c4fba85986e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

cyglzma-5

lzma_alone_decoder
lzma_alone_encoder
lzma_block_compressed_size
lzma_block_header_decode
lzma_check_is_supported
lzma_check_size
lzma_code
lzma_cputhreads
lzma_end
lzma_get_progress
lzma_index_block_count
lzma_index_cat
lzma_index_checks
lzma_index_decoder
lzma_index_end
lzma_index_file_size
lzma_index_iter_init
lzma_index_iter_next
lzma_index_iter_rewind
lzma_index_memused
lzma_index_stream_count
lzma_index_stream_flags
lzma_index_stream_padding
lzma_index_total_size
lzma_index_uncompressed_size
lzma_lzma_preset
lzma_memusage
lzma_physmem
lzma_properties_decode
lzma_raw_decoder
lzma_raw_decoder_memusage
lzma_raw_encoder
lzma_raw_encoder_memusage
lzma_stream_decoder
lzma_stream_encoder
lzma_stream_encoder_mt
lzma_stream_encoder_mt_memusage
lzma_stream_flags_compare
lzma_stream_footer_decode
lzma_stream_header_decode
lzma_version_number
lzma_version_string

cygwin1

__ctype_ptr__
__cxa_atexit
__errno
__getreent
__main
_dll_crt0@0
_fchown32
_fcntl64
_fopen64
_fstat64
_geteuid32
_impure_ptr
_lseek64
_lstat64
_open64
_stat64
alarm
calloc
clock_gettime
close
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
exit
fchmod
fchown
fclose
fcntl
fgetc
fopen
fprintf
fputc
fputs
free
fstat
futimens
getenv
geteuid
getopt_long
isatty
lseek
lstat
malloc
mbrtowc
mbsinit
memcmp
memcpy
open
optarg
optind
optreset
pipe
poll
posix_fadvise
posix_memalign
printf
program_invocation_name
pthread_sigmask
putc
puts
raise
read
realloc
sigaction
sigaddset
sigemptyset
sigfillset
snprintf
stat
strchr
strcmp
strerror
strlen
strrchr
strstr
unlink
vfprintf
vsnprintf
wcwidth
write

cygintl-8

libintl_bindtextdomain
libintl_gettext
libintl_ngettext
libintl_setlocale
libintl_textdomain

cyggcc_s-1

__udivdi3
__umoddi3

kernel32

GetModuleHandleA
GetProcAddress

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f7c7af5c2a2a8b383915c4fba85986e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cyglzma-5

cygwin1

cygintl-8

cyggcc_s-1

kernel32

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 512B - Virtual size: 452B

.rdata Size: 15KB - Virtual size: 15KB

.buildid Size: 512B - Virtual size: 53B

/4 Size: 7KB - Virtual size: 6KB

.bss Size: - Virtual size: 18KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

/14 Size: 64KB - Virtual size: 68KB

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 512B - Virtual size: 452B

.rdata
Size: 15KB - Virtual size: 15KB

.buildid
Size: 512B - Virtual size: 53B

/4
Size: 7KB - Virtual size: 6KB

.bss
Size: - Virtual size: 18KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

/14
Size: 64KB - Virtual size: 68KB