bf2aea256b842bfac940e9145776c081

General

Target

bf2aea256b842bfac940e9145776c081
Size

175KB
MD5

bf2aea256b842bfac940e9145776c081
SHA1

61a135134d2b2088faf488da7c29b756ee01c29c
SHA256

54a386f32d216c666c2331cc2a03c0aa62265bd1f9a6f8e26e2c4edc6dded50c
SHA512

48807b0a007748561833414732bb22df45079f4c123541441285f8b50e8ea077ce1df8e1dd7759d9bbddf781b5a574fba15a7fe14f2262c3572f041ced38e61a
SSDEEP

3072:4o+IU0rxX7WMIgE4apw3IUFnFJE+FAssEtCMu:4o+IUqxXqMIgEsFJE+Sd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf2aea256b842bfac940e9145776c081

Files

bf2aea256b842bfac940e9145776c081
.dll windows:5 windows x86 arch:x86

0113735cc2af831920713a1ceea999ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetComputerNameW
GetCurrentProcess
GetFileAttributesW
GetModuleFileNameW
GetProcAddress
GetTickCount
GetVolumeInformationW
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
Sleep
TerminateThread
WaitForSingleObject
VirtualAlloc
ReadFile
GetVolumeNameForVolumeMountPointW
DeleteCriticalSection

advapi32

RegOpenKeyW

msvcrt

_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_c_exit
_cexit
_controlfp
_errno
_exit
_fdopen
_filelength
_getpid
_initterm
_mbscpy
_mbslen
_onexit
_open_osfhandle
_purecall
_putenv
_tzset
_vsnwprintf
_wcmdln
_wcsdup
_wcsnicmp
_wcsrev
_wfopen
_wtoi
clearerr
exit
fclose
fflush
fread
fseek
ftell
fwrite
isalpha
isspace
localtime
mktime
swprintf
time
wcscpy
wcslen
wcsrchr
wcstok

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata2
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ta2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0113735cc2af831920713a1ceea999ab

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 1KB

.ata2 Size: 139KB - Virtual size: 138KB

.ta2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 842B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 1KB

.ata2
Size: 139KB - Virtual size: 138KB

.ta2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 842B