bf86e1b0bfcf0d499b8feccc873e8ab2

Sharing

Copy URL Twitter E-mail

General

Target

bf86e1b0bfcf0d499b8feccc873e8ab2
Size

115KB
MD5

bf86e1b0bfcf0d499b8feccc873e8ab2
SHA1

03da1a7a49216f6b3a46dad35c7b2e4d487b327f
SHA256

b2a711271f282288add530edbb1e57676265a50f7006e91dd612f3ff0bda5de3
SHA512

9c8cbdcfe65c8a0f70af3fa700d659ac2a0633c8ab020cd8649b5e07149a98754dcbf563fe214088ab18fb09c3cdcb461cdc9fc3ee3daf22a2491b41f86a3843
SSDEEP

3072:BYJwta3L3nvYVKo43DZINNBYZUTMW//tdg54S:RMDTZCB4iMW/16

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf86e1b0bfcf0d499b8feccc873e8ab2

Files

bf86e1b0bfcf0d499b8feccc873e8ab2
.exe windows:4 windows x86 arch:x86

cac4a2bd8e046624a0070fc4228fcb33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA
SetCursor
GetSystemMetrics
DestroyMenu
GetKeyboardLayout
EndPaint
SystemParametersInfoA
GetWindowPlacement
SetWindowPos
CharNextW
GetCapture
SetWindowLongA
MsgWaitForMultipleObjects
GetWindowDC
OpenClipboard
WindowFromPoint
TranslateMessage
UpdateWindow
EnableMenuItem
CallNextHookEx
CreateWindowExA
CreateIcon
LoadStringA
GetKeyboardLayoutList
GetScrollPos
IsWindowVisible
SendMessageW
SendMessageA
OffsetRect
SetParent
AdjustWindowRectEx
SetMenu
SetMenuItemInfoA
SetScrollPos
ScreenToClient
EnumChildWindows
PostQuitMessage
DestroyIcon
EmptyClipboard
CheckMenuItem
ReleaseDC
CharUpperBuffA
RegisterClipboardFormatA
GetMenuState
GetScrollInfo
DrawMenuBar
GetSubMenu
BeginPaint
GetActiveWindow
GetMenu
RegisterClassA
MapVirtualKeyA
RemoveMenu
PeekMessageW
IsWindow
SetTimer
IsDialogMessageW
ShowScrollBar
IsWindowEnabled
FindWindowA
DrawIcon
GetPropA
GetLastActivePopup
wsprintfA
RegisterWindowMessageA
LoadCursorA
GetMenuItemCount
GetClassLongA
CreatePopupMenu
MessageBoxA
RemovePropA
SetWindowTextA
IsWindowUnicode
EnumWindows
ChildWindowFromPoint
TranslateMDISysAccel
GetFocus
SetClassLongA
ShowWindow
CharToOemA
CharNextA
SetCapture
GetKeyboardLayoutNameA
ReleaseCapture
MessageBeep
DefMDIChildProcA
GetForegroundWindow
GetClipboardData
GetWindow
SetWindowLongW
SetPropA
GetCursorPos
IsZoomed
IsDialogMessageA
GetDesktopWindow
DefWindowProcA
SetWindowsHookExA
UnregisterClassA
GetClientRect
GetClassNameA
CreateMenu
DefFrameProcA
UnhookWindowsHookEx
EnableScrollBar
SetFocus
OemToCharA
MoveWindow
DrawEdge
SetScrollRange
SetActiveWindow
IntersectRect
FillRect
ShowOwnedPopups
DispatchMessageA
SetRect
CharLowerBuffA
GetMenuStringA
GetClassInfoA
InsertMenuItemA
KillTimer
CloseClipboard
InsertMenuA
DestroyWindow
IsChild
GetWindowThreadProcessId
IsIconic
MapWindowPoints
GetDlgItem
LoadIconA
GetScrollRange
SetForegroundWindow
DrawFrameControl
GetMenuItemID
DrawAnimatedRects
GetIconInfo
WaitMessage
DispatchMessageW
EnableWindow
GetMessagePos
GetCursor
EnumThreadWindows
PeekMessageA
SetClipboardData
InflateRect
ScrollWindow
GetMenuItemInfoA
GetSysColorBrush
GetWindowLongW
ActivateKeyboardLayout
CharLowerA
GetSystemMenu
GetTopWindow
DeleteMenu
PostMessageA
GetSysColor
EqualRect
DrawTextA
SetWindowPlacement
GetWindowTextA
GetKeyboardState
TrackPopupMenu
DestroyCursor
GetWindowLongA
RedrawWindow
PtInRect
GetDCEx
GetKeyState
GetKeyNameTextA
InvalidateRect
LoadKeyboardLayoutA
IsRectEmpty
DrawIconEx
LoadBitmapA
GetDC
ClientToScreen
FrameRect
GetKeyboardType

msvcrt

wcsncmp
acos
fabs
cos
memmove

kernel32

FindFirstFileA
LocalReAlloc
GetOEMCP
MulDiv
ExitThread
GlobalFindAtomA
HeapDestroy
lstrcmpiA
GetProcessHeap
GetLocaleInfoA
InitializeCriticalSection
LocalFree
GetLocalTime
LoadLibraryA
lstrcatA
FreeResource
GetFileSize
GetFullPathNameA
lstrcpynA
MoveFileA
GetStringTypeW
GetStartupInfoA
ResetEvent
GlobalDeleteAtom
GetSystemDefaultLangID
SetHandleCount
GetCurrentProcess
GetCurrentThread
SetLastError
GetUserDefaultLCID
CreateFileA
GetVersionExA
DeleteCriticalSection
SetEvent
SizeofResource
GetFileAttributesA
GetCurrentProcessId
GetProcAddress
LoadLibraryExA
LoadResource
GetStringTypeA
ExitProcess
GlobalAddAtomA
GetVersion
Sleep
HeapAlloc
GetEnvironmentStrings
lstrcpyA
SetEndOfFile
lstrcmpA
GetCurrentThreadId
CompareStringA
GetCommandLineA
VirtualFree
VirtualQuery
GetFileType
WaitForSingleObject
CreateThread
GlobalAlloc
GetStdHandle
DeleteFileA
GetTickCount
EnterCriticalSection
HeapFree
EnumCalendarInfoA
WideCharToMultiByte
LockResource
LocalAlloc
VirtualAlloc
WriteFile
ReadFile
GetCPInfo
GetModuleFileNameA
GetThreadLocale
FindClose
GetLastError
MoveFileExA
FormatMessageA
SetFilePointer
FreeLibrary
RaiseException
SetThreadLocale
GetModuleHandleA
VirtualAllocEx
SetErrorMode
lstrlenA
CreateEventA
CloseHandle
GetACP

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cac4a2bd8e046624a0070fc4228fcb33

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

Sections

.text Size: 102KB - Virtual size: 102KB

.bss Size: 7KB - Virtual size: 6KB

.edata Size: 4KB - Virtual size: 4KB

.text
Size: 102KB - Virtual size: 102KB

.bss
Size: 7KB - Virtual size: 6KB

.edata
Size: 4KB - Virtual size: 4KB