bfa0f7dbc4fecdf542ebcf493a09d219

Sharing

Copy URL Twitter E-mail

General

Target

bfa0f7dbc4fecdf542ebcf493a09d219
Size

228KB
MD5

bfa0f7dbc4fecdf542ebcf493a09d219
SHA1

a0dedc2e4b4c24f02b3d94191dac26328bc1de2f
SHA256

17035ce96c72ae443d671157940bc358caa0686a5e21e3bf9dff1aceb3269a18
SHA512

cea2f5b06771ad9f8440be20b91008b188495ee5a4b66690b1b749914af19d60f4f5400b8466ea3bbd00345a43485b8902a59b9b5815d0212ceeea8c0965fcfc
SSDEEP

3072:lHng0XLL1o9enyGe7w+uhhxcFC2x+ZSO1pSS/YByN66sgR3T7i8skbzU9IDSzRmS:x/4eo87qx+51pSrBoOei+hD7aLkXG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfa0f7dbc4fecdf542ebcf493a09d219

Files

bfa0f7dbc4fecdf542ebcf493a09d219
.dll windows:4 windows x86 arch:x86

e5c996106815a82e0475f98f1becd286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileMappingA
ExitProcess
FileTimeToLocalFileTime
FindClose
GetCommandLineA
GetConsoleMode
GetCurrentProcessId
GetEnvironmentStringsA
GetModuleHandleA
GetPriorityClass
GetProcAddress
GetProcessWorkingSetSize
GetStringTypeW
GetTickCount
GetVersionExA
GlobalAddAtomA
GlobalReAlloc
HeapAlloc
HeapCreate
InterlockedIncrement
IsBadStringPtrA
LeaveCriticalSection
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
ResumeThread
RtlUnwind
SetEvent
SetFilePointer
SetLastError
TerminateThread
TlsAlloc
TlsGetValue
WaitForSingleObject
lstrcpynA
lstrlenA

user32

TrackPopupMenu
SetUserObjectSecurity
SetFocus
SetCapture
SendMessageA
RegisterClassExA
OffsetRect
LoadAcceleratorsA
GetWindowRect
GetMessageA
GetMenuItemCount
GetKeyState
GetFocus
GetDoubleClickTime
GetDC
DrawTextA
DrawMenuBar
DeferWindowPos
CreatePopupMenu
DestroyWindow

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
BuildExplicitAccessWithNameA
CryptDestroyKey
InitiateSystemShutdownExA
OpenEncryptedFileRawA
RegReplaceKeyW
SetTraceCallback
SetSecurityDescriptorRMControl

ddraw

DirectDrawCreate
DSoundHelp
DDInternalUnlock
DDInternalLock
GetDDSurfaceLocal
DirectDrawEnumerateW
DirectDrawEnumerateExW

ole32

CoGetObjectContext
CoImpersonateClient
CoQueryAuthenticationServices
IsEqualGUID
CoCreateInstance

Exports

Exports

UnregisterDriveChangeCallback

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5c996106815a82e0475f98f1becd286

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ddraw

ole32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 92KB - Virtual size: 160KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 92KB - Virtual size: 160KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB