bf5fcdd7e8b7bfb87e6675656e075ad4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf5fcdd7e8b7bfb87e6675656e075ad4
Size

19KB
MD5

bf5fcdd7e8b7bfb87e6675656e075ad4
SHA1

cfc6dec9d093fb4301ac19e48eebc664a88e14dd
SHA256

6a0d9dba11b2450a9b21009e536ebd7add78e7e59f7ac943f0ca8bbee61d71ee
SHA512

6680786dfd9c8550aa86430f08f250fca3d9bfe272c1db67dc551317641e59f2d69b066ca4592dd4642554f31e04abe4e9a7c10d6308d54dc8a3b6e9f97c34cc
SSDEEP

384:q4mom27C3x9SEk4PA8EyYw3/34ubF8jK3kLeNVCGctsKtuhe2ulnfWjvOeo:qXaHEk4PA8E7YbWI2aIGctfieTln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf5fcdd7e8b7bfb87e6675656e075ad4

Files

bf5fcdd7e8b7bfb87e6675656e075ad4
.exe windows:4 windows x86 arch:x86

3ac90eb623c30350b623db8b1251c33b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetTempPathA
lstrcpyA
CloseHandle
lstrcatA
WaitForSingleObject
CreateEventA
GetProcessHeap
SetFilePointer
CreateFileA
lstrlenA
GetModuleFileNameA
ResetEvent
LoadLibraryA
ExitProcess
GetModuleHandleA
WriteFile
GetProcAddress
RtlUnwind
CreateThread
SetEvent
ExitThread
GetVersionExA

user32

wsprintfA
DispatchMessageA
SetThreadDesktop
PeekMessageA
CreateWindowExA
CreateDesktopA
MsgWaitForMultipleObjects
DestroyWindow
CharToOemA
BeginPaint
ShowWindow
TranslateMessage

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

shell32

SHGetFolderPathA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ