bf77c0487bbe69247e31252e374b50ac

Sharing

Copy URL Twitter E-mail

General

Target

bf77c0487bbe69247e31252e374b50ac
Size

171KB
MD5

bf77c0487bbe69247e31252e374b50ac
SHA1

2700f677666f6e630bd621633d20eef25e25c15b
SHA256

dd6cf495b368f41850d592420bd01527a01c8da9c09b247f4822a0a316ac0e43
SHA512

72dd3f003b5acc5856c94fca65a4190de5b79e4773c5b42b12264fa42449a61f15d4663d293bc8391246be45996414d63a9782d92a907a1584c1522df7ae0e15
SSDEEP

3072:Ug1+rrOiA6DPJF4wl4IF+LjuWW3bFZHyKiUKwIwZ5JYv9YZkVjU1Go13Bov4ZD1O:U++rnBFj9KUbFlhIlyGopBPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf77c0487bbe69247e31252e374b50ac

Files

bf77c0487bbe69247e31252e374b50ac
.exe windows:4 windows x86 arch:x86

8fafb2176466c1c5329dea6707376674

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winspool.drv

DocumentPropertiesW

user32

GetWindowInfo
GetParent
CreateWindowExW
GetAncestor
SetWindowPos
SystemParametersInfoW
TranslateMessage
GetWindowRect
BeginPaint
SetDlgItemTextW
GetDC
SetWindowTextW
MapWindowPoints
PeekMessageW
MessageBoxW
GetWindowTextLengthW
EndPaint
DispatchMessageW
LoadCursorW
GetClassInfoExW
GetWindow
GetDlgItemTextW
SetCapture
RegisterClassExW
DestroyWindow
GetClientRect
EndDialog

kernel32

HeapCreate
CreateFileMappingW
SetStdHandle
GetCurrentThreadId
TlsFree
GetStringTypeW
LoadLibraryA
lstrcpynW
HeapSize
GetThreadLocale
GetConsoleCP
FlushInstructionCache
WaitForSingleObject
MulDiv
TlsAlloc
GetSystemTimeAsFileTime
GetDriveTypeW
lstrcmpA
lstrlenA
SetFilePointer
CopyFileW
LeaveCriticalSection
CheckRemoteDebuggerPresent
WriteConsoleA
FindResourceW
GetOEMCP
SetLastError
SizeofResource
LocalAlloc
EnumResourceTypesW
CreateSemaphoreW
RaiseException
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetCPInfo
FlushFileBuffers
IsProcessorFeaturePresent
GetCurrentProcessId
LoadResource
GetStartupInfoA
GetACP
WriteConsoleW
GetConsoleOutputCP
LCMapStringW
CreateFileA
TlsGetValue
WritePrivateProfileSectionW
InitializeCriticalSection
Sleep
GetTickCount
LocalFree
GetCurrentProcess
TlsSetValue
QueryPerformanceCounter
VirtualFree
GetConsoleMode
VirtualAlloc
InterlockedExchange
HeapDestroy
InterlockedCompareExchange
WideCharToMultiByte
IsDebuggerPresent
SetUnhandledExceptionFilter
GetVersion
LockResource
GetFileType

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fafb2176466c1c5329dea6707376674

Headers

File Characteristics

Imports

winspool.drv

user32

kernel32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 54KB - Virtual size: 54KB

.isete Size: 1024B - Virtual size: 244KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 54KB - Virtual size: 54KB

.isete
Size: 1024B - Virtual size: 244KB