da86615a027bd85572b5ec546069a7a0N

Sharing

Copy URL Twitter E-mail

General

Target

da86615a027bd85572b5ec546069a7a0N
Size

977KB
MD5

da86615a027bd85572b5ec546069a7a0
SHA1

2e4bc372ead785bf78e8e240aec181187b6ced84
SHA256

945c32de0b6e3994a89f676bbefe65fb6e58b7d6e3d37b5c66a6f8c8752734f5
SHA512

74d70dd30cd8f22c6b12e909023ea3fb0c5c719ef60d6db2d8a73e246cac53c2e58b036723e59e090842968c777c2c81dc4adc1c48ee5c4a96e73b328ab145d5
SSDEEP

24576:+7sEsLvch/YmxjT4oNcRSMWb9wwHwtK7jUJn/UtZ:+IES0QmJTbGFOrjSn/UtZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da86615a027bd85572b5ec546069a7a0N

Files

da86615a027bd85572b5ec546069a7a0N
.exe windows:4 windows x64 arch:x64

544eeeee33867a827ebba9e50cbe0810

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Imports

msys-assuan-0

assuan_accept
assuan_begin_confidential
assuan_close_input_fd
assuan_close_output_fd
assuan_command_parse_fd
assuan_end_confidential
assuan_fdopen
assuan_get_input_fd
assuan_get_output_fd
assuan_get_pointer
assuan_init_pipe_server
assuan_inquire
assuan_new
assuan_process
assuan_register_command
assuan_register_input_notify
assuan_register_option_handler
assuan_register_output_notify
assuan_register_reset_notify
assuan_release
assuan_send_data
assuan_set_error
assuan_set_gpg_err_source
assuan_set_hello_line
assuan_set_log_cb
assuan_set_malloc_hooks
assuan_set_pointer
assuan_sock_close
assuan_socket_connect
assuan_transact

msys-bz2-1

BZ2_bzCompress
BZ2_bzCompressEnd
BZ2_bzCompressInit
BZ2_bzDecompress
BZ2_bzDecompressEnd
BZ2_bzDecompressInit

msys-gcrypt-20

gcry_calloc
gcry_calloc_secure
gcry_check_version
gcry_cipher_algo_info
gcry_cipher_algo_name
gcry_cipher_authenticate
gcry_cipher_checktag
gcry_cipher_close
gcry_cipher_ctl
gcry_cipher_decrypt
gcry_cipher_encrypt
gcry_cipher_get_algo_blklen
gcry_cipher_get_algo_keylen
gcry_cipher_map_name
gcry_cipher_open
gcry_cipher_setiv
gcry_cipher_setkey
gcry_control
gcry_create_nonce
gcry_free
gcry_is_secure
gcry_kdf_derive
gcry_malloc
gcry_malloc_secure
gcry_md_algo_info
gcry_md_algo_name
gcry_md_close
gcry_md_copy
gcry_md_ctl
gcry_md_debug
gcry_md_enable
gcry_md_get_algo
gcry_md_get_algo_dlen
gcry_md_hash_buffer
gcry_md_is_enabled
gcry_md_is_secure
gcry_md_map_name
gcry_md_open
gcry_md_read
gcry_md_write
gcry_mpi_aprint
gcry_mpi_cmp
gcry_mpi_copy
gcry_mpi_dump
gcry_mpi_get_flag
gcry_mpi_get_nbits
gcry_mpi_get_opaque
gcry_mpi_print
gcry_mpi_randomize
gcry_mpi_release
gcry_mpi_scan
gcry_mpi_set_flag
gcry_mpi_set_opaque
gcry_mpi_set_opaque_copy
gcry_mpi_snew
gcry_pk_algo_info
gcry_pk_algo_name
gcry_pk_ctl
gcry_pk_encrypt
gcry_pk_get_curve
gcry_pk_get_keygrip
gcry_pk_get_nbits
gcry_pk_map_name
gcry_pk_testkey
gcry_pk_verify
gcry_random_bytes
gcry_random_bytes_secure
gcry_randomize
gcry_realloc
gcry_set_fatalerror_handler
gcry_set_log_handler
gcry_set_outofcore_handler
gcry_set_progress_handler
gcry_sexp_build
gcry_sexp_build_array
gcry_sexp_cadr
gcry_sexp_canon_len
gcry_sexp_extract_param
gcry_sexp_find_token
gcry_sexp_length
gcry_sexp_new
gcry_sexp_nth
gcry_sexp_nth_data
gcry_sexp_nth_mpi
gcry_sexp_nth_string
gcry_sexp_release
gcry_sexp_sprint
gcry_sexp_sscan
gcry_strdup
gcry_xcalloc
gcry_xcalloc_secure
gcry_xmalloc
gcry_xmalloc_secure
gcry_xrealloc
gcry_xstrdup

msys-gpg-error-0

_gpgrt_get_std_stream
_gpgrt_putc_overflow
gpg_err_code_from_errno
gpg_err_code_from_syserror
gpg_err_init
gpg_err_set_errno
gpg_strerror
gpg_strsource
gpgrt_access
gpgrt_argparse
gpgrt_argparser
gpgrt_asprintf
gpgrt_bsprintf
gpgrt_chdir
gpgrt_clearerr
gpgrt_fclose
gpgrt_fclose_snatch
gpgrt_fdopen
gpgrt_fdopen_nc
gpgrt_ferror
gpgrt_fflush
gpgrt_fgetc
gpgrt_fgets
gpgrt_fileno
gpgrt_flockfile
gpgrt_fopen
gpgrt_fopencookie
gpgrt_fopenmem
gpgrt_fprintf
gpgrt_fprintf_unlocked
gpgrt_fputc
gpgrt_fputs
gpgrt_fputs_unlocked
gpgrt_fread
gpgrt_free
gpgrt_fseek
gpgrt_fseeko
gpgrt_ftello
gpgrt_funlockfile
gpgrt_fwrite
gpgrt_getcwd
gpgrt_mkdir
gpgrt_printf
gpgrt_read
gpgrt_rewind
gpgrt_set_alloc_func
gpgrt_set_binary
gpgrt_set_confdir
gpgrt_set_fixed_string_mapper
gpgrt_set_strusage
gpgrt_set_usage_outfnc
gpgrt_setvbuf
gpgrt_snprintf
gpgrt_strusage
gpgrt_sysopen_nc
gpgrt_vasprintf
gpgrt_vbsprintf
gpgrt_vfprintf
gpgrt_vfprintf_unlocked
gpgrt_write
gpgrt_write_hexstring
gpgrt_write_sanitized

msys-2.0

__assert_func
__cxa_atexit
__errno
__getreent
__locale_ctype_ptr
__main
_dll_crt0
_exit
_impure_ptr
abort
access
atoi
bsearch
calloc
chdir
chmod
close
closedir
connect
ctermid
cygwin_internal
difftime
dll_dllcrt0
dup
dup2
execlp
execv
exit
explicit_bzero
fclose
fcntl
fdopen
fflush
fgets
fileno
fopen
fork
fprintf
fputc
fputs
fread
free
fstat
fsync
fwrite
getenv
geteuid
getpid
getpwnam
getpwuid
getrlimit
getsockname
getuid
gmtime
gmtime_r
inet_pton
isatty
kill
link
localtime
lseek
malloc
memchr
memcmp
memcpy
memmove
memset
mktime
msys_detach_dll
nanosleep
nl_langinfo
open
opendir
pipe
posix_memalign
printf
putc
putenv
qsort
raise
read
readdir
realloc
remove
rename
rmdir
select
setenv
setrlimit
setsid
sigaction
sigemptyset
sigfillset
sigprocmask
sleep
snprintf
socket
sprintf
sscanf
stat
stpcpy
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strftime
strlen
strncasecmp
strncmp
strncpy
strpbrk
strrchr
strsep
strspn
strstr
strtok
strtol
strtoul
sys_siglist
sysconf
system
tcgetattr
tcsetattr
time
timegm
tmpfile
toupper
ttyname
umask
uname
uname_x
unlink
unsetenv
vfprintf
waitpid
write

msys-readline8

add_history
readline
rl_attempted_completion_function
rl_attempted_completion_over
rl_catch_signals
rl_cleanup_after_signal
rl_completion_matches
rl_free_line_state
rl_inhibit_completion
rl_instream
rl_outstream
rl_readline_name

msys-sqlite3-0

sqlite3_bind_blob
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_parameter_count
sqlite3_bind_text
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_close
sqlite3_column_count
sqlite3_column_name
sqlite3_column_text
sqlite3_column_type
sqlite3_db_handle
sqlite3_errmsg
sqlite3_errstr
sqlite3_exec
sqlite3_finalize
sqlite3_free
sqlite3_malloc
sqlite3_open
sqlite3_prepare_v2
sqlite3_reset
sqlite3_step
sqlite3_vmprintf

msys-z

deflate
deflateEnd
deflateInit2_
deflateInit_
inflate
inflateEnd
inflateInit2_
inflateInit_

msys-iconv-2

libiconv
libiconv_close
libiconv_open

msys-intl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_ngettext
libintl_setlocale
libintl_textdomain

kernel32

GetModuleHandleA
GetModuleHandleW

Sections

.text
Size: 705KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

544eeeee33867a827ebba9e50cbe0810

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msys-assuan-0

msys-bz2-1

msys-gcrypt-20

msys-gpg-error-0

msys-2.0

msys-readline8

msys-sqlite3-0

msys-z

msys-iconv-2

msys-intl-8

kernel32

Sections

.text Size: 705KB - Virtual size: 704KB

.data Size: 16KB - Virtual size: 16KB

.rdata Size: 177KB - Virtual size: 177KB

.buildid Size: 512B - Virtual size: 53B

.pdata Size: 18KB - Virtual size: 17KB

.xdata Size: 24KB - Virtual size: 23KB

.bss Size: - Virtual size: 8KB

.idata Size: 15KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 705KB - Virtual size: 704KB

.data
Size: 16KB - Virtual size: 16KB

.rdata
Size: 177KB - Virtual size: 177KB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 18KB - Virtual size: 17KB

.xdata
Size: 24KB - Virtual size: 23KB

.bss
Size: - Virtual size: 8KB

.idata
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB