bf2fcb01c4d8787e35e32f1f689e22ba

Sharing

Copy URL Twitter E-mail

General

Target

bf2fcb01c4d8787e35e32f1f689e22ba
Size

340KB
MD5

bf2fcb01c4d8787e35e32f1f689e22ba
SHA1

9f90c93b8f8b1cbb3467e20f7b838edbb16a449a
SHA256

02b5905d46e9a4c37a56a312043635e4569717ea16cd4be583c6f701e4ce8f1e
SHA512

793237ce4037c752b9832db852646ff0cefb5dbe197713ec63f8356b9213b71f88eb609eb828057f3bc47d75ec8d1028a7a729661c59e6f84482dfe670704736
SSDEEP

6144:G/E6ialJbJRgoQbubRJ2+YNxOGmeK98DWXn9W2qRT:GxialJzgowuL2+2xNdEX95qp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf2fcb01c4d8787e35e32f1f689e22ba

Files

bf2fcb01c4d8787e35e32f1f689e22ba
.exe windows:4 windows x86 arch:x86

29fa4425586e439457dde1685bb1ecb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapAlloc
HeapFree
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
GetProfileStringA
RtlUnwind
ExitProcess
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
FormatMessageA
GetThreadLocale
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrcpynA
lstrlenA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GetVersion
GetVersionExA
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenMutexA
CreateMutexA
GetEnvironmentVariableA
CloseHandle

user32

CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
WindowFromPoint
CharUpperA
InflateRect
RegisterClipboardFormatA
GetDCEx
LockWindowUpdate
SetCapture
PostThreadMessageA
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
GetTopWindow
IsChild
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSysColorBrush
DestroyMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
ReuseDDElParam
GetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetSystemMetrics
SetActiveWindow
SetParent
SystemParametersInfoA
GetClassNameA
GetWindowRect
GetCursorPos
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
LoadMenuA
GetSubMenu
SetMenuDefaultItem
LoadCursorA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
IsWindow
RegisterWindowMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
GetWindowTextA
FindWindowA
BringWindowToTop
VkKeyScanA
keybd_event
PostMessageA
SendMessageA
KillTimer
MessageBoxA
LoadStringA
IsZoomed
PtInRect
InvalidateRect
UnpackDDElParam
LoadIconA
SetTimer
EnableWindow
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
MapDialogRect
SetWindowContextHelpId
GetMessageA
ValidateRect
SetCursor
ShowOwnedPopups
PostQuitMessage
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
MoveWindow
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
GetLastActivePopup
SetMenu
GetDlgItem
ShowWindow
ModifyMenuA

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
DeleteObject
CreateRectRgn
SetMapMode
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
GetTextMetricsA
CreateFontIndirectA
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
BitBlt
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateDIBitmap
GetTextExtentPointA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey

shell32

DragQueryFileA
DragFinish
Shell_NotifyIconA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
SysFreeString

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

29fa4425586e439457dde1685bb1ecb2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 24KB - Virtual size: 120KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 24KB - Virtual size: 120KB

.rmnet
Size: 60KB - Virtual size: 60KB