bf7caf484ca22bc1195212ab7545085d

Sharing

Copy URL Twitter E-mail

General

Target

bf7caf484ca22bc1195212ab7545085d
Size

616KB
MD5

bf7caf484ca22bc1195212ab7545085d
SHA1

44a8bd213e3d740c63b764889bdd9f3bb77bcda2
SHA256

a255dc805475c0430e8b11b2c0b39ad7f22b3717b77c303bbb0c591287a548fd
SHA512

b8d3b65487c01663e514d699b1c50d5855858dd2a070da5744ce5640b281914118a15cdc21e9ee9d974565054d30566600f6368f64519f34d8914d8777a49672
SSDEEP

12288:3rNsfbcPJBIng13e+S5UFlDf23v14w+HWeYvL1R3n29E44jC:5sYPJmg1eF5MDf23t4hnYz1pi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf7caf484ca22bc1195212ab7545085d

Files

bf7caf484ca22bc1195212ab7545085d
.exe windows:4 windows x86 arch:x86

896a233ead47f9703f3d94a056d8b1a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\

Imports

shell32

SHUpdateRecycleBinIcon
ExtractIconExA
DuplicateIcon
ExtractIconW

kernel32

FreeEnvironmentStringsW
TerminateProcess
GetTimeFormatA
VirtualQuery
TlsAlloc
UnhandledExceptionFilter
IsValidCodePage
GetNumberFormatW
GetLogicalDriveStringsW
SetConsoleOutputCP
GetCurrentThreadId
GetStringTypeA
InterlockedDecrement
GetLocaleInfoW
GetProcessHeap
EnterCriticalSection
LocalFileTimeToFileTime
SetConsoleCtrlHandler
OpenMutexA
GetLocaleInfoA
GetConsoleOutputCP
CloseHandle
GetModuleFileNameW
DebugActiveProcess
ReadFile
InitializeCriticalSection
GetVersionExA
GetTimeFormatW
FlushFileBuffers
InterlockedIncrement
GetProfileIntW
FindClose
SetLocaleInfoA
HeapSize
GlobalSize
GetStartupInfoA
WriteConsoleOutputA
QueryPerformanceCounter
ConnectNamedPipe
SetFileAttributesW
GlobalAddAtomW
RtlZeroMemory
ReadConsoleOutputA
WritePrivateProfileSectionA
SetCurrentDirectoryA
SetLocalTime
WideCharToMultiByte
LocalHandle
GetUserDefaultLCID
LCMapStringW
ExitProcess
HeapFree
SetVolumeLabelW
GetPrivateProfileSectionW
GetFileAttributesExA
CreateMutexA
SetConsoleCursorInfo
IsValidLocale
HeapAlloc
SetEnvironmentVariableA
TlsGetValue
SetThreadLocale
SetVolumeLabelA
GetStdHandle
GetWindowsDirectoryW
SetHandleCount
GetCurrentProcess
GetFileType
SetUnhandledExceptionFilter
GetDateFormatA
FlushViewOfFile
GetOEMCP
TlsFree
GetLastError
GlobalUnlock
FoldStringW
SetStdHandle
GetStartupInfoW
GetStringTypeW
SetConsoleTextAttribute
GetTickCount
GetCPInfo
TlsSetValue
CompareStringA
WriteConsoleW
GetProcAddress
GetThreadTimes
FreeLibrary
GetProcAddress
WriteConsoleOutputCharacterA
HeapDestroy
MoveFileW
lstrcpynA
HeapReAlloc
CommConfigDialogA
CreateFileA
LocalUnlock
GlobalFindAtomW
CreateWaitableTimerA
WriteFile
GetPrivateProfileSectionNamesW
WriteProfileSectionA
HeapCreate
GetSystemTimeAsFileTime
FindNextFileW
WriteConsoleA
MultiByteToWideChar
GetConsoleMode
FreeEnvironmentStringsA
GetCurrentThread
GetACP
RtlUnwind
GetCommandLineW
GetTimeZoneInformation
GetEnvironmentStringsW
RemoveDirectoryA
DeleteCriticalSection
CompareStringW
LoadLibraryA
GetModuleHandleA
RtlMoveMemory
GetModuleFileNameA
VirtualAlloc
MapViewOfFile
GetCommandLineA
SetFilePointer
GetCurrentProcessId
LCMapStringA
lstrcmpiA
InterlockedExchange
Sleep
SetLastError
WriteProfileStringA
EnumDateFormatsExA
VirtualFree
IsDebuggerPresent
lstrcmp
GetTempFileNameA
GetConsoleCP
RtlFillMemory
GetEnvironmentStrings
LeaveCriticalSection
EnumSystemLocalesA
EnumResourceLanguagesW

user32

wvsprintfA
SwapMouseButton
SetDebugErrorLevel
MessageBoxIndirectW
CreateDesktopA
DlgDirSelectExA
RegisterClassW
UnionRect
GetClipboardData
GetClassInfoW
ShowScrollBar
DialogBoxIndirectParamW
CharToOemBuffW
WINNLSEnableIME
CopyImage
IsRectEmpty
DestroyCaret
CloseClipboard
BeginDeferWindowPos
EndPaint
DialogBoxParamA
SetClassWord
MapVirtualKeyA
SetCursorPos
DdeQueryStringA
GetNextDlgGroupItem
TrackPopupMenu
InsertMenuItemW
OemToCharBuffW
SetRect
IsClipboardFormatAvailable
GetKeyboardLayout
IsCharLowerA
CascadeWindows
CopyIcon
GetClassNameA
DrawFocusRect
RegisterClassA
FlashWindow
RegisterClassExA
CreateWindowExW
IsDialogMessage
MapVirtualKeyExW
GetWindowTextA
ChangeClipboardChain
SetWindowContextHelpId
RegisterWindowMessageA
AdjustWindowRectEx

wininet

FindFirstUrlCacheGroup
SetUrlCacheGroupAttributeW
FindFirstUrlCacheEntryW

comctl32

DrawInsert
CreateStatusWindow
ImageList_LoadImage
CreateStatusWindowW
InitCommonControlsEx
MakeDragList
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_SetIconSize
ImageList_Copy
ImageList_AddIcon
ImageList_BeginDrag
ImageList_DrawEx
ImageList_DragEnter
ImageList_GetImageCount

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

896a233ead47f9703f3d94a056d8b1a1

Headers

File Characteristics

PDB Paths

Imports

shell32

kernel32

user32

wininet

comctl32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 116KB - Virtual size: 128KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 116KB - Virtual size: 128KB

.rsrc
Size: 52KB - Virtual size: 51KB