Static task: static1
Behavioral task: behavioral1
  Sample: bf04efdb7e1d144588d9a6e32ea99602.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: bf04efdb7e1d144588d9a6e32ea99602.exe
  Resource: win10v2004-20240226-en
General
  Target: bf04efdb7e1d144588d9a6e32ea99602
  Size: 6KB
  MD5: bf04efdb7e1d144588d9a6e32ea99602
  SHA1: a3aec13fa47b19e29771f72233f92adc10e67d56
  SHA256: e0fb80ecb1ecc3b07b11a0f1d4ff023e6435af304173f40ce3ecde9216b236e8
  SHA512: 27f11620d72c01b9c4db6771524972ebb9cdf2fdeadf3571a72b16dc41f20c00e9a5608a1a92907987593f3b13a460e9af15dd5355f3dc788b594d36beee1654
  SSDEEP: 96:QPaLcNTLyYABhaTnC0z0nR7g5E7Gj67OGk:QigR+YAB6z0niWU67O1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bf04efdb7e1d144588d9a6e32ea99602
Files
bf04efdb7e1d144588d9a6e32ea99602.exe windows:4 windows x86 arch:x86
3d0777d95928361e270e73674c2d8d5f
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
  urlmon
    URLDownloadToFileA
  shlwapi
    SHDeleteKeyA
  rpcrt4
    UuidToStringA
  msvcrt
    srand
    rand
  kernel32
    ReadFile
    GetTickCount
    lstrlenA
    GetCommandLineA
    GetStartupInfoA
    HeapFree
    GetProcessHeap
    HeapAlloc
    GetWindowsDirectoryA
    CreateDirectoryA
    GetEnvironmentVariableA
    CloseHandle
    WriteFile
    CreateFileA
    DeleteFileA
    SetFileAttributesA
    TerminateProcess
    OpenProcess
    GetCurrentProcessId
    MoveFileExA
    CreateProcessA
    FreeLibrary
    ExitProcess
    GetModuleHandleA
    GetVersion
    GetModuleFileNameA
    SetFilePointer
    GetFileSize
    MultiByteToWideChar
  user32
    wvsprintfA
  ole32
    CoInitialize
    CoCreateGuid
    CoCreateInstance
  oleaut32
    SysAllocString
    VariantClear
Sections
  .text Size: 2KB - Virtual size: 2KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 1KB - Virtual size: 1KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 1024B - Virtual size: 1KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE