bf505056707df4d69a2fef2091a89316 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf505056707df4d69a2fef2091a89316
Size

105KB
MD5

bf505056707df4d69a2fef2091a89316
SHA1

4192662095aefbc914e1562aa35996dda9d04817
SHA256

863c7d3cb413b9fe3d36dfd3a201140d43970ea462dbaad7996a7db5ada52ca5
SHA512

197b01906a25bae5e40df45954e39e9bf178171da1d5d6e98bfe422712c4f4ab2d178dc6c51aa1e376fa4c739c50fb39293d406fe838e65719763029f93cbf82
SSDEEP

1536:+kvchrlHXYj777BPveRsuPvVVOJ739P0PNJ3Jq0p0iT86NKfULDF:LWrlHXo777B+auPvV8J738xp0EiEh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf505056707df4d69a2fef2091a89316

Files

bf505056707df4d69a2fef2091a89316
.exe windows:4 windows x86 arch:x86

888ba1276e36b714fbc4de942fa8ded4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
TlsGetValue
GetVolumeInformationA
OpenSemaphoreA
LocalHandle
GlobalFindAtomA
GetPriorityClass
TlsFree
GetStdHandle
LoadResource
GetModuleHandleA
LocalAlloc
VirtualAlloc
GetOEMCP
GetConsoleCP
GetProcessHeap
GetUserDefaultLangID
SetEvent
ReleaseMutex
CreateThread
GetThreadLocale

user32

GetClassInfoExA
RegisterClassA
ShowWindow
GetWindow
IsIconic
ReleaseDC
GetFocus
GetDC
IsWindowVisible
DrawTextExA
GetActiveWindow
GetForegroundWindow
GetWindowTextLengthA
GetClassNameA
GetWindowTextA
GetSystemMetrics
CloseWindow
InvalidateRect
ValidateRect

shell32

SHGetFolderPathA
SHBrowseForFolderA
SHChangeNotify
SHGetMalloc
SHGetFileInfoA

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ