bf4fc483111bfe2457788e79627547e05a14b8cf725378c780eb6c0d878bd1d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf4fc483111bfe2457788e79627547e05a14b8cf725378c780eb6c0d878bd1d8
Size

9.7MB
MD5

d1614f72218969bddcd8d0ca57349803
SHA1

fe58d10d648e18f0c379ce9a6a8dea1e5c61fe78
SHA256

bf4fc483111bfe2457788e79627547e05a14b8cf725378c780eb6c0d878bd1d8
SHA512

1c611d008c267fc41940b5d2cade35c72612e1237ee8682d0d5f7c1c8fe948217a5d76a38891d43ee413663e8f95fea5687e9e963b352b5e7c911f6985c9fc9b
SSDEEP

196608:MyXMlIvlf3S3tEFDUpQ5/IS+DfyGgbwBdnpkYRM9WNZ0JTy:Mbelq9dM/IS+DfDgbc69WNZ0Jm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf4fc483111bfe2457788e79627547e05a14b8cf725378c780eb6c0d878bd1d8

Files

bf4fc483111bfe2457788e79627547e05a14b8cf725378c780eb6c0d878bd1d8
.exe windows:5 windows x64 arch:x64

58195c87a65d5d06bea9db79b004b909

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateWindowExW

comctl32

ord380

kernel32

IsValidCodePage

advapi32

OpenProcessToken

gdi32

SelectObject

iphlpapi

GetInterfaceInfo

msvcrt

_wcsnicmp

psapi

GetMappedFileNameW

shell32

SHGetFolderPathW

Sections

.text
Size: 145KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
moon_kill.pyc