bTfv[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bTfv.exe
Size

36KB
MD5

519d90ea54650b83d8e1003ad8661076
SHA1

da0e28f3f268996270f78c8b4c978bd646fdffe7
SHA256

c2bc52cb1dd4df635f188cd9af010690f71507801e597444ccec23a2dc92c49d
SHA512

28856c6ebdf8b23e3f4bba04caa398a2c212764f7e7270d34d7024de48aff2e2dd9d2a32fe94d193d1ff9db23bb12c6ce802b24d423dcc9a0e492527c6a437c8
SSDEEP

384:jLdCAyEk4A/XMWK+PEZePC45SY2OzRLTm3yilqr64+bqyvGP:n5A4A/FEZeK45SsbGvGP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bTfv.exe

Files

bTfv.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ