Static task: static1
Behavioral task: behavioral1
Sample: bc7f3a806d6528a57c95598aedd2c1fa.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: bc7f3a806d6528a57c95598aedd2c1fa.exe
Resource: win10v2004-20240226-en
General
Target: bc7f3a806d6528a57c95598aedd2c1fa
Size: 51KB
MD5: bc7f3a806d6528a57c95598aedd2c1fa
SHA1: af64dd247e8dba6190fe433c84d1a796600ef9be
SHA256: 4456f25ea945322b4f505c4b233c3f0ad22ca90293f89863955fdf40a1478d38
SHA512: 9aa35d702bdedf9e695cba8d7058b0277a0b3115150b66b1ad75203e787ee868294e607219805604d1069f8a92ccbac50f6b4117c51dab628c7bafa8ee72a09a
SSDEEP: 768:cZWmCGcHO/VXjG3PCLlJRKzPYWTYZRATwed3ee8Y/UartQNSvGueDdYPKYKrDAMb:iWmCGcuBG3gST/TwMTFUhHUKAM+AYE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bc7f3a806d6528a57c95598aedd2c1fa
Files
bc7f3a806d6528a57c95598aedd2c1fa.exe windows:4 windows x86 arch:x86
f16c07b27ff715dcad8a251be477cacb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
Imports
advapi32
CryptAcquireContextW
CryptDestroyHash
GetUserNameW
RegEnumKeyExA
kernel32
InitializeCriticalSection
shlwapi
PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIW
wnsprintfW
wvnsprintfA
wvnsprintfW
user32
CloseDesktop
CloseWindowStation
FindWindowExA
GetKeyState
OpenDesktopA
SetProcessWindowStation
Sections
.vkxud Size: 43KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vcjmv Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.zmj Size: 5KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ