72c2ca92db67c9762bf7a245abc5a550N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

72c2ca92db67c9762bf7a245abc5a550N.exe
Size

165KB
MD5

72c2ca92db67c9762bf7a245abc5a550
SHA1

f02ae81700550ff55e99bedf5b287f0272351a5f
SHA256

39aa895f675d3dd0c44253bcc676e6950a2dc7816cc8a6fd0ca26299a3b0ae38
SHA512

519eaf8631e24c3268b28fd6f8d1a56b2d5284ca091d16acaded905682ae888dafd3d3c52bf0e22ab2fd5bad64aa50e108f5ad24a868fac2a5f331f2150ecec8
SSDEEP

3072:vbQLXHd8AJpOjd9BWwcSWTCpQS+brAM/E4iDxdvQLg9kj3XkaMJx:vbQLReJ99cSWTcWbrAMM7DxB9SXU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72c2ca92db67c9762bf7a245abc5a550N.exe

Files

72c2ca92db67c9762bf7a245abc5a550N.exe
.exe windows:4 windows x86 arch:x86

fedf7c12f92152983c43cb9d8df0f7b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Imports

msys-assuan-0

assuan_new
assuan_release
assuan_set_log_cb
assuan_socket_connect
assuan_transact

msys-gcrypt-20

_gcry_mpi_get_const
gcry_calloc
gcry_calloc_secure
gcry_check_version
gcry_cipher_algo_info
gcry_cipher_algo_name
gcry_cipher_authenticate
gcry_cipher_checktag
gcry_cipher_close
gcry_cipher_ctl
gcry_cipher_decrypt
gcry_cipher_encrypt
gcry_cipher_get_algo_blklen
gcry_cipher_get_algo_keylen
gcry_cipher_gettag
gcry_cipher_map_name
gcry_cipher_open
gcry_cipher_setiv
gcry_cipher_setkey
gcry_control
gcry_create_nonce
gcry_free
gcry_kdf_derive
gcry_malloc
gcry_malloc_secure
gcry_md_algo_info
gcry_md_algo_name
gcry_md_close
gcry_md_ctl
gcry_md_hash_buffer
gcry_md_map_name
gcry_md_open
gcry_md_read
gcry_md_write
gcry_mpi_add
gcry_mpi_add_ui
gcry_mpi_aprint
gcry_mpi_get_flag
gcry_mpi_get_nbits
gcry_mpi_get_opaque
gcry_mpi_mod
gcry_mpi_mul
gcry_mpi_new
gcry_mpi_powm
gcry_mpi_print
gcry_mpi_release
gcry_mpi_rshift
gcry_mpi_scan
gcry_mpi_set_flag
gcry_mpi_set_opaque
gcry_mpi_set_opaque_copy
gcry_mpi_sub
gcry_mpi_test_bit
gcry_pk_algo_info
gcry_pk_algo_name
gcry_pk_get_curve
gcry_pk_get_keygrip
gcry_pk_get_nbits
gcry_pk_get_param
gcry_pk_map_name
gcry_pk_testkey
gcry_realloc
gcry_set_fatalerror_handler
gcry_set_log_handler
gcry_set_outofcore_handler
gcry_sexp_build
gcry_sexp_build_array
gcry_sexp_cadr
gcry_sexp_canon_len
gcry_sexp_extract_param
gcry_sexp_find_token
gcry_sexp_length
gcry_sexp_new
gcry_sexp_nth
gcry_sexp_nth_data
gcry_sexp_nth_string
gcry_sexp_release
gcry_sexp_sprint
gcry_sexp_sscan
gcry_strdup
gcry_xcalloc
gcry_xmalloc
gcry_xrealloc
gcry_xstrdup

msys-gpg-error-0

_gpgrt_get_std_stream
_gpgrt_putc_overflow
gpg_err_code_from_errno
gpg_err_code_from_syserror
gpg_err_init
gpg_err_set_errno
gpg_strerror
gpgrt_access
gpgrt_argparse
gpgrt_asprintf
gpgrt_chdir
gpgrt_fclose
gpgrt_fdopen
gpgrt_fflush
gpgrt_fileno
gpgrt_flockfile
gpgrt_fopencookie
gpgrt_fprintf
gpgrt_fprintf_unlocked
gpgrt_fputs
gpgrt_fputs_unlocked
gpgrt_funlockfile
gpgrt_getcwd
gpgrt_mkdir
gpgrt_read
gpgrt_set_alloc_func
gpgrt_set_fixed_string_mapper
gpgrt_set_strusage
gpgrt_set_usage_outfnc
gpgrt_setvbuf
gpgrt_snprintf
gpgrt_strusage
gpgrt_vasprintf
gpgrt_vfprintf_unlocked
gpgrt_write
gpgrt_write_sanitized

msys-2.0

__assert_func
__cxa_atexit
__errno
__getreent
__locale_ctype_ptr
__main
_dll_crt0@0
_exit
_fcntl64
_fopen64
_fstat64
_geteuid32
_getpwuid32
_getuid32
_impure_ptr
_lseek64
_open64
_stat64
_tmpfile64
abort
atoi
calloc
chdir
chmod
clock_gettime
close
closedir
connect
cygwin_internal
difftime
dll_dllcrt0
dup
dup2
execv
exit
explicit_bzero
fclose
fcntl
fflush
fileno
fopen
fork
fprintf
fputs
fread
free
fstat
fsync
fwrite
getenv
geteuid
getpid
getpwnam
getpwuid
getrlimit
getsockname
getuid
gmtime
gmtime_r
inet_pton
isatty
kill
link
localtime
lseek
malloc
memcmp
memcpy
memmove
memset
mktime
msys_detach_dll
nanosleep
nl_langinfo
open
opendir
pipe
posix_memalign
printf
putc
putchar
putenv
raise
read
readdir
realloc
remove
rename
select
setenv
setrlimit
setsid
sigaction
sigemptyset
sigfillset
sigprocmask
sleep
socket
sprintf
stat
stpcpy
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strlwr
strncasecmp
strncmp
strncpy
strpbrk
strrchr
strstr
strtol
strtoul
sys_siglist
sysconf
time
timegm
tmpfile
toupper
ttyname
uname
uname_x
unlink
unsetenv
waitpid
write

msys-gcc_s-1

__divdi3
__moddi3
__udivdi3
__umoddi3

msys-iconv-2

libiconv
libiconv_close
libiconv_open

msys-intl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_setlocale
libintl_textdomain

kernel32

FreeLibrary
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fedf7c12f92152983c43cb9d8df0f7b0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msys-assuan-0

msys-gcrypt-20

msys-gpg-error-0

msys-2.0

msys-gcc_s-1

msys-iconv-2

msys-intl-8

kernel32

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 512B - Virtual size: 448B

.rdata Size: 17KB - Virtual size: 17KB

.buildid Size: 512B - Virtual size: 53B

/4 Size: 1024B - Virtual size: 688B

.bss Size: - Virtual size: 1KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 512B - Virtual size: 448B

.rdata
Size: 17KB - Virtual size: 17KB

.buildid
Size: 512B - Virtual size: 53B

/4
Size: 1024B - Virtual size: 688B

.bss
Size: - Virtual size: 1KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB