bfa19c8eae4d323a2046ab38ff6c25df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfa19c8eae4d323a2046ab38ff6c25df
Size

3KB
MD5

bfa19c8eae4d323a2046ab38ff6c25df
SHA1

8e9c5af6057653ca2a0e99c5b238ea4f3011c16c
SHA256

9b1a4b717f985bd8fe1325ef15957fbb3093de00620218d0732e4f75aafbe235
SHA512

394efbc4ed50ffc412b7c81fea056efc7eef090aad23b71299ba10ca63d61141bbcec05017240e5a26eba791966ba2857aa80f506295dd7425965da3236baf29

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfa19c8eae4d323a2046ab38ff6c25df

Files

bfa19c8eae4d323a2046ab38ff6c25df
.dll windows:4 windows x86 arch:x86

94066dd6c6c537e2fdcd8b8327b9e70f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

CreateServiceA
RegOpenKeyExA
OpenEventLogW
RegQueryValueExA
GetUserNameW
RegEnumKeyA
RegSetValueA

kernel32

SetCurrentDirectoryW
GetVersion
HeapSize
VirtualAlloc
lstrcpyA
ReplaceFileA
GetCurrentThreadId

Sections

.text
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 42B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ