60391c7afea3cfeef745bb4c902e9ebb26a487c611937e537f7c202c51ddcdb5N

Sharing

Copy URL

Twitter E-mail

General

Target

60391c7afea3cfeef745bb4c902e9ebb26a487c611937e537f7c202c51ddcdb5N
Size

1.4MB
MD5

1c8acab1b651bf6a4362a511b57e4bd0
SHA1

52792649c484d40d63c273720cf2fc2b307edb19
SHA256

60391c7afea3cfeef745bb4c902e9ebb26a487c611937e537f7c202c51ddcdb5
SHA512

f2f2ac4f8b084c01217c053ac78ea742015d4b203f3acc4c83587394e2013f186468bf3086e77f4ecb9bcaee982f724850a11017420782fc00dc66e43b27d2c3
SSDEEP

24576:FkL9/HEa02SUnLs+AxnYgrJrEfRXtmgV2gf8sHHSNSeZujm7ihGS5rhhyk2sqjnE:yx/AoLjh0GR9mg3f8sNxLFhhyDmg27RN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60391c7afea3cfeef745bb4c902e9ebb26a487c611937e537f7c202c51ddcdb5N

Files

60391c7afea3cfeef745bb4c902e9ebb26a487c611937e537f7c202c51ddcdb5N
.exe windows:4 windows x86 arch:x86

fc3fd10263dd9929fe4e833ca977e3d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Imports

cygwin1

__cxa_atexit
__errno
__getreent
__locale_ctype_ptr
__locale_mb_cur_max
__main
_chown32
_dll_crt0@0
_fcntl64
_fdopen64
_fopen64
_freopen64
_fstat64
_getegid32
_geteuid32
_getgid32
_getgrent32
_getgroups32
_getpwuid32
_getuid32
_impure_ptr
_lseek64
_lstat64
_open64
_setgid32
_setuid32
_stat64
abort
access
alarm
asprintf
atoi
bcopy
calloc
chdir
chown
close
closedir
confstr
cygwin_conv_path
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
dup
dup2
eaccess
endgrent
endpwent
endservent
execve
exit
faccessat
fclose
fcntl
fdopen
fflush
fgets
fileno
fopen
fork
fprintf
fpurge
fputc
fputs
fread
free
freopen
fstat
fwrite
getcwd
getdtablesize
getegid
geteuid
getgid
getgrent
getgroups
gethostname
getpeername
getpgrp
getpid
getppid
getpwent
getpwnam
getpwuid
getrlimit
getrusage
getservent
gettimeofday
getuid
imaxdiv
ioctl
isatty
iswalnum
iswctype
iswlower
iswprint
iswupper
kill
killpg
localeconv
localtime
longjmp
lseek
lstat
malloc
mblen
mbrlen
mbrtowc
mbsinit
mbsnrtowcs
mbsrtowcs
mbstowcs
mbtowc
memchr
memcmp
memcpy
memmove
memset
mkstemp
mktemp
nanosleep
nl_langinfo
open
opendir
pathconf
pipe
posix_memalign
printf
pselect
pthread_sigmask
putc
putchar
puts
qsort
read
readdir
readlink
realloc
realpath
regcomp
regexec
regfree
rename
select
setgid
setgrent
setitimer
setjmp
setlocale
setpgid
setpwent
setrlimit
setservent
setuid
setvbuf
sigaction
sigaddset
sigdelset
sigemptyset
sigprocmask
sleep
snprintf
sprintf
stat
stpcpy
strcasecmp
strcasestr
strcat
strchr
strchrnul
strcmp
strcoll
strcpy
strdup
strerror
strftime
strlen
strncasecmp
strncat
strncmp
strncpy
strnlen
strpbrk
strrchr
strsignal
strstr
strtoimax
strtol
strtold
strtoul
strtoumax
sysconf
tcflow
tcgetattr
tcgetpgrp
tcsetattr
tcsetpgrp
time
tolower
toupper
towlower
towupper
ttyname
tzset
umask
unlink
vfprintf
vsnprintf
waitpid
wcrtomb
wcschr
wcscmp
wcscoll
wcsdup
wcslen
wcsncmp
wcsrtombs
wcstombs
wcswidth
wctob
wctype
wcwidth
wmemchr
write

kernel32

FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA

Sections

.text
Size: 668KB - Virtual size: 668KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 42KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc3fd10263dd9929fe4e833ca977e3d8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cygwin1

kernel32

Sections

.text Size: 668KB - Virtual size: 668KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 80KB - Virtual size: 79KB

.buildid Size: 512B - Virtual size: 53B

/4 Size: 113KB - Virtual size: 113KB

.bss Size: - Virtual size: 42KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 568KB - Virtual size: 572KB

.text
Size: 668KB - Virtual size: 668KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 80KB - Virtual size: 79KB

.buildid
Size: 512B - Virtual size: 53B

/4
Size: 113KB - Virtual size: 113KB

.bss
Size: - Virtual size: 42KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 568KB - Virtual size: 572KB