bc8d90c95cc303231970b65345d56e52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc8d90c95cc303231970b65345d56e52
Size

178KB
MD5

bc8d90c95cc303231970b65345d56e52
SHA1

d6b273f7fd1cbbbeb60139e028de3fc9fed2068f
SHA256

f026a55d8f0cfae9d11eb75e173b685fac13442fdd7c81fcee54996599b8f4cc
SHA512

78d20849ec709689b021ee61193f72ff631ee6d01f4534523122b890e382c81d2dcbc80dc8bdb8f4c79aba13e9154ab4ec524d0678a6e1cdc0c74a0a0e786607
SSDEEP

3072:WqVhfFHpAKTy4KFh3VAtpN7ON0TxbO6WY0m5PgH2lh2/TIII6P+p3BVrsEU:BxFJAKTyP3tKHWY0AglIIIq+pz6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc8d90c95cc303231970b65345d56e52

Files

bc8d90c95cc303231970b65345d56e52
.exe windows:4 windows x86 arch:x86

c9280942de5a08694d100a569a416e3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrByteCountPointerFree
UuidToStringA
UuidCreate
RpcStringFreeA

kernel32

RtlUnwind
FormatMessageA
InterlockedDecrement
FlushInstructionCache
GetCurrentThreadId
InterlockedIncrement
GetVersionExW
GlobalUnlock
GlobalAlloc
WaitForSingleObject
RaiseException
GlobalLock
HeapFree
WriteProcessMemory
GetStartupInfoA
GetThreadContext
GetCurrentProcess
DeleteCriticalSection
GetLastError
ExitProcess
VirtualProtectEx
GlobalFree
HeapAlloc
LocalFree
DuplicateHandle
SetLocaleInfoW
GetCommandLineA
GetFileSize
GetTempPathW
SetLastError
CreateFileW
TlsSetValue
InterlockedExchange
GetWindowsDirectoryW

gdi32

DeleteDC
SelectObject
RealizePalette
BitBlt
UnrealizeObject
GetObjectA
CreateCompatibleDC
SetMapMode
SelectPalette
GetDeviceCaps

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ