Malicious_bfcf48e6377308c6ece2dbe0fa802abab5978c96b2b19a0e176255f4d19d886b[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Malicious_bfcf48e6377308c6ece2dbe0fa802abab5978c96b2b19a0e176255f4d19d886b.exe
Size

64KB
MD5

2b93717f758c513a178b3e95a109718b
SHA1

ea2814f7c8fab8d7de9fcf5005a58d159b07f816
SHA256

bfcf48e6377308c6ece2dbe0fa802abab5978c96b2b19a0e176255f4d19d886b
SHA512

9fbeb7756c1482607224c1e34cb5139c46bd54ac69dec264110f72921386f238410142fb38c411fd2f0eaa6fb3109a5cc8141b80e18a5693ae0e32cb7fa62050
SSDEEP

1536:roBHSfku/TguqNKM6C6E+YUv3EXmYOiKsU:roBS8Q0R68Xys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Malicious_bfcf48e6377308c6ece2dbe0fa802abab5978c96b2b19a0e176255f4d19d886b.exe

Files

Malicious_bfcf48e6377308c6ece2dbe0fa802abab5978c96b2b19a0e176255f4d19d886b.exe
.dll regsvr32 windows x64

0fea243ddb12b477b6b4ab25be7279d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrlenA

Exports

Exports

DllRegisterServer

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ