bf75515a0732047cebb99649712d0172 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf75515a0732047cebb99649712d0172
Size

182KB
MD5

bf75515a0732047cebb99649712d0172
SHA1

8e69a7c808c52db2b6d86424aba3fe3ce7f8ab71
SHA256

f93c725fed58c35d2047335ad923ba1ecc52d187abfb9574db50c0bdd957f3ce
SHA512

036c86ef3b0f483c62c93b17c9029b9f518157e1d7bff251bac13359ccab4a2b1aa8268635168148117f4cf1f7398f514ce2546c177fdc4335e8720a3f6aa95b
SSDEEP

3072:UvJP+USz1zEJTePF5XImXRmx+jcjgHP941KdiuSg2Q3WrMmo0CUEhCR5:Y+rz1zE5WrImhmx+j0gHP94couSJQGrx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf75515a0732047cebb99649712d0172

Files

bf75515a0732047cebb99649712d0172
.exe windows:4 windows x86 arch:x86

dfab90d948c145a9cb9d039b18e591dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
EnumResourceTypesW
GetUserDefaultUILanguage
SetLocalTime
GetConsoleCommandHistoryA
FindResourceW
FindNextVolumeW
DeleteTimerQueueTimer
EnumUILanguagesW
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

GetKeyboardLayoutNameA
CopyImage
SetActiveWindow
CreateIconIndirect
SetWindowsHookExW
UnloadKeyboardLayout
DlgDirSelectComboBoxExA
LoadKeyboardLayoutW
GetClipCursor
SendNotifyMessageA
CreateIcon

gdi32

EngStretchBlt
CreatePenIndirect
GetRelAbs
FillRgn
TextOutA
PolyPolygon
GetCharABCWidthsW
GdiPlayPageEMF
LineTo
PATHOBJ_vEnumStartClipLines
XLATEOBJ_piVector

Sections

.text
Size: 5KB - Virtual size: 810KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE