bf77b99e6a07a9e64bee4719e0720491

General

Target

bf77b99e6a07a9e64bee4719e0720491
Size

312KB
MD5

bf77b99e6a07a9e64bee4719e0720491
SHA1

e15f9cc6c1eed1b68a365aa3d79ee0ade7b40810
SHA256

bcd6012494f9324e2d3c3369a46cd3f72a436d36ac723969e4296685f15a91bc
SHA512

b2743da54052eef31ed48e52efe9d3184856b9d164eb8edc83f3f72d53e30754bf151be1bcb3fe8f225f61adf26880864683423b9b00de638ff02f6e49abdf09
SSDEEP

6144:slc0sSXLmjjQyDpEwRNsv/n2w+ZHtsD9J7ffGcw20sfTtPGesM/:ac+XIJlbRGfOW7fHH0WRs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf77b99e6a07a9e64bee4719e0720491

Files

bf77b99e6a07a9e64bee4719e0720491
.exe windows:4 windows x86 arch:x86

45ab4e7a906771e66427a55475fee2ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMonitorInfoW
CopyAcceleratorTableA
GetMessageA
UnregisterClassW
DrawAnimatedRects
InSendMessageEx
RegisterClassA
GetMenuStringA
DestroyCaret
LockWindowUpdate
RegisterClassExA
RegisterClassExW

kernel32

GetFileType
CloseHandle
GetLocalTime
TlsGetValue
HeapAlloc
GetStartupInfoA
GetTimeZoneInformation
GetACP
EnterCriticalSection
SetStdHandle
HeapCreate
GetModuleHandleA
GetEnvironmentStrings
ExitProcess
GetCommandLineA
SetEnvironmentVariableA
GetCurrentProcess
InitializeCriticalSection
OpenMutexA
GetModuleFileNameA
GetCurrentThread
HeapDestroy
LCMapStringA
GetProcAddress
GetCurrentProcessId
GetStdHandle
GetStringTypeW
IsBadWritePtr
DeleteCriticalSection
ReadFile
QueryPerformanceCounter
LeaveCriticalSection
GetCurrentThreadId
GetEnvironmentStringsW
InterlockedIncrement
LoadLibraryA
TlsSetValue
TlsAlloc
VirtualAlloc
CreateMutexA
SetHandleCount
LCMapStringW
SetLastError
GetTickCount
GetLastError
HeapReAlloc
CompareStringA
FlushFileBuffers
GetVersion
UnhandledExceptionFilter
TlsFree
InterlockedDecrement
GetStringTypeA
CompareStringW
GetSystemTime
FreeEnvironmentStringsW
GetOEMCP
SetFilePointer
GetSystemTimeAsFileTime
InterlockedExchange
TerminateProcess
RtlUnwind
WideCharToMultiByte
VirtualQuery
FreeEnvironmentStringsA
GetCPInfo
MultiByteToWideChar
WriteFile
VirtualFree
HeapFree

comctl32

InitCommonControlsEx

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45ab4e7a906771e66427a55475fee2ab

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 3KB - Virtual size: 12KB

.data Size: 170KB - Virtual size: 170KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 3KB - Virtual size: 12KB

.data
Size: 170KB - Virtual size: 170KB

.rsrc
Size: 9KB - Virtual size: 8KB