bc354c632811d2410e54c7e7027a035c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc354c632811d2410e54c7e7027a035c
Size

332KB
MD5

bc354c632811d2410e54c7e7027a035c
SHA1

026e9a28c5f7e1d596404f169b8cdf5a57c6b876
SHA256

3a482a745ac5a1d2ac9d78c5ac750fc368ee0c8b0ca5a5efb50a0e59fbe4ba94
SHA512

e1ace8004d01c19711dc1c5334be30fd3196e84b5145414b562a8c6f6347319751fe74686bc9726b44ffe89bfe855913ecba9f144027fae47342cb0b9e262d10
SSDEEP

6144:FyxVuCmC2mqkuKsggM8L+lgUrIqa7QtMdBLB9f86BDVqvyV9h8W:k3FmBmHWZ+lYqahD9PD8VW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc354c632811d2410e54c7e7027a035c

Files

bc354c632811d2410e54c7e7027a035c
.exe windows:4 windows x86 arch:x86

0e5043a8688d188866dfa59fa73dfa6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowUnicode
GetDlgItemInt
FindWindowExA
BeginDeferWindowPos
GetParent

advapi32

RegSetValueExA
RegSetValueA
AdjustTokenPrivileges
RegQueryInfoKeyA
NotifyChangeEventLog
RegQueryValueA
ReadEventLogA
RegConnectRegistryA
RegisterEventSourceA
RegCloseKey
RegFlushKey

kernel32

GetCurrentProcess
GetCurrentThreadId
GetModuleHandleA
SuspendThread
ResetEvent
GetProfileSectionA
WritePrivateProfileStructA
GetProcAddress
VirtualAlloc
GetCommandLineA
SetEvent
GetCurrentProcessId
GetHandleInformation
ResumeThread
CloseHandle
GetStartupInfoA
GetComputerNameA

winspool.drv

EnumPrintProcessorsW
SetPrinterW
DeviceCapabilitiesA

msvcrt

_initterm
_except_handler3
__set_app_type
__p__fmode
__p__commode
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_adjust_fdiv
__setusermatherr
_controlfp

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ