bf7720655e0f3848d1e576c97707683b

General

Target

bf7720655e0f3848d1e576c97707683b
Size

48KB
MD5

bf7720655e0f3848d1e576c97707683b
SHA1

0cfda106ba1e698a7a6eec38fdc86bd90154fffe
SHA256

9ce971956a54963f6537a17b66d80e1c88db4b0a46074b0d9f10e412362e6aef
SHA512

85d0a475cbf70dfd2b461051e124ddf5e47e37adebae069e9684410c81b849d33ef7a769f193bcca53e6ac0c4bc9c3f228796d8f4ed0245d398456db7c6f1ba7
SSDEEP

768:Mmr4FIS7uGvtRGGxd5XbsBni8fLdM41xv/oc:Hr4fci3X4Z7DlLoc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf7720655e0f3848d1e576c97707683b

Files

bf7720655e0f3848d1e576c97707683b
.exe windows:4 windows x86 arch:x86

61772faf12ee503f52bab8af364c3970

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateFileA
GetFileSize
WriteFile
SetFilePointer
lstrlenA
CloseHandle
GetEnvironmentVariableA
GetModuleFileNameA
WaitForSingleObject
CreateProcessA
GetProcAddress
LCMapStringW
LCMapStringA
SetStdHandle
GetVersionExA
LoadLibraryA
FreeLibrary
Sleep
MoveFileA
GetLongPathNameA
DeleteFileA
GetOEMCP
GetACP
GetCPInfo
GetLastError
HeapReAlloc
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
VirtualAlloc
FlushFileBuffers

user32

DispatchMessageA
PeekMessageA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61772faf12ee503f52bab8af364c3970

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB