bf6ef783f214aa2d3bbb1bfd3bff5856

Sharing

Copy URL Twitter E-mail

General

Target

bf6ef783f214aa2d3bbb1bfd3bff5856
Size

609KB
MD5

bf6ef783f214aa2d3bbb1bfd3bff5856
SHA1

d4cfc3f65d7921b847fdab468be133c24bc957ca
SHA256

136b71a377a769f00ca78b9ae31d2c2bd566fadeb98a6e99d4552a2534687132
SHA512

bf901f4a7966daae6a4a08ec827d6579c68ff253183d0b066f52d6bf9f9cb5e328da51c03c12d46bb9db4b2dc1bd04c3cd473d7683da024a8582cf9eb74e6482
SSDEEP

12288:6BSy6QtLq8S1XyEj6yjxMyqDcOcAM7vt64ORCVr7gH9t6LJR/pmEjzi:6AKtLpolj6ylMyIcOcAM7VtceL/gIz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf6ef783f214aa2d3bbb1bfd3bff5856

Files

bf6ef783f214aa2d3bbb1bfd3bff5856
.exe windows:4 windows x86 arch:x86

d096d3e390bae7b6824cd239ae4ccc0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetTopWindow
GetGuiResources
RegisterClassA
EnumDisplaySettingsExW
RegisterClassExA
EnumPropsW

comctl32

InitCommonControlsEx

wininet

InternetGetConnectedStateEx
FindFirstUrlCacheEntryExA
InternetUnlockRequestFile
DeleteUrlCacheContainerA
InternetCreateUrlA
FindNextUrlCacheEntryExA
HttpOpenRequestA
DeleteIE3Cache
UpdateUrlCacheContentPath

kernel32

GetTimeFormatA
ExitProcess
GetSystemTimeAsFileTime
SetHandleCount
HeapSize
LeaveCriticalSection
IsValidLocale
LCMapStringW
WideCharToMultiByte
TlsAlloc
LoadLibraryA
CompareStringA
GetLocaleInfoW
SetFilePointer
WriteFile
GetLastError
GetCPInfo
SetEnvironmentVariableA
GetTimeZoneInformation
CreateFileA
TlsFree
GetUserDefaultLCID
GetConsoleCP
GetCurrentThreadId
GetStringTypeW
EnterCriticalSection
GetEnvironmentStringsW
ReadFile
WriteConsoleW
InterlockedDecrement
GetCurrentProcessId
HeapCreate
GetStdHandle
SetConsoleCtrlHandler
SetLastError
FlushFileBuffers
FreeLibrary
EnumSystemLocalesA
MultiByteToWideChar
OpenMutexA
GetConsoleMode
WriteConsoleA
GetLocaleInfoA
GetStringTypeA
GetModuleFileNameA
VirtualFree
GetModuleHandleA
QueryPerformanceCounter
GetStartupInfoA
HeapAlloc
RtlUnwind
GetStartupInfoW
Sleep
SetUnhandledExceptionFilter
TerminateProcess
CreateMutexA
GetACP
GetCommandLineA
InitializeCriticalSectionAndSpinCount
VirtualAlloc
HeapReAlloc
FreeEnvironmentStringsW
GetCommandLineW
DeleteCriticalSection
GetFileType
TlsSetValue
GetCurrentProcess
GetModuleFileNameW
InterlockedExchange
IsValidCodePage
GetDateFormatA
CompareStringW
HeapFree
GetModuleHandleW
SetStdHandle
IsDebuggerPresent
GetProcAddress
UnhandledExceptionFilter
GetConsoleOutputCP
LCMapStringA
GetCurrentThread
GetTickCount
GetOEMCP
CloseHandle
InterlockedIncrement
TlsGetValue
HeapDestroy
VirtualQuery

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d096d3e390bae7b6824cd239ae4ccc0d

Headers

File Characteristics

Imports

user32

comctl32

wininet

kernel32

Sections

.text Size: 271KB - Virtual size: 271KB

.rdata Size: 9KB - Virtual size: 37KB

.data Size: 319KB - Virtual size: 319KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 271KB - Virtual size: 271KB

.rdata
Size: 9KB - Virtual size: 37KB

.data
Size: 319KB - Virtual size: 319KB

.rsrc
Size: 8KB - Virtual size: 7KB