bf0f2c22cc9a6c064b2e933c70b541f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf0f2c22cc9a6c064b2e933c70b541f9
Size

6KB
MD5

bf0f2c22cc9a6c064b2e933c70b541f9
SHA1

dd79fd64af2a5094fd6f58f26ec92e08fbbf1d1e
SHA256

73ed9d8a6f5b51e040a9156ddf6dbf9006e655fdb6bc2e2b8c62b2b090c11172
SHA512

fc56e5cd75c94cae03c7b05b98eaecf605f3bc618e462a63554a4f22bd1363ca6e9fb5c95d3432389371754e9421d6a9adcb734cc4cd0c7bc9a937cdacde1b92
SSDEEP

96:UfHXo6IFQ6c7528y9E3TZfuReyCP5KOi:YHY6CQn1y9CVyen5i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf0f2c22cc9a6c064b2e933c70b541f9

Files

bf0f2c22cc9a6c064b2e933c70b541f9
.dll windows:4 windows x86 arch:x86

a6cf553666f4245c6031f4a54706f5b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
CreateMutexA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
MapViewOfFile
MoveFileExA
OpenProcess
SetFilePointer
Sleep
UnmapViewOfFile
VirtualAllocEx
VirtualProtect
VirtualProtectEx
WriteFile
WriteProcessMemory
lstrcatA
lstrcpyA
lstrlenA

user32

MessageBoxA

psapi

GetModuleFileNameExA

Exports

Exports

Disclaimer
GetProcAddress
LoadLibraryA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ