bf8d017bfc772bd5b2a37b48a313ec9b | Triage

Sharing

General

Target

bf8d017bfc772bd5b2a37b48a313ec9b
Size

362KB
MD5

bf8d017bfc772bd5b2a37b48a313ec9b
SHA1

5720e493c201b32dcf49a02437bde10ce40ed426
SHA256

a68a1aaea65d3569752892a79f760c1cd8e707631ec5284758f75d524c4207f5
SHA512

1624b2bacf41d65037af597e6017d9b24db89c866f73159789d47322503d1fc399b57af59e03f9b6b454a2398b286c7aec096e38feaa9c6e25e92de1faf1e544
SSDEEP

6144:FeM+2bf0uz7tn4tiT/gk+/WLfmByIJvpwduxCazhXjNeNsN5:FeM+lO7qQz+OacIRpwqCayg5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf8d017bfc772bd5b2a37b48a313ec9b

Files

bf8d017bfc772bd5b2a37b48a313ec9b
.exe windows:4 windows x86 arch:x86

3cf2878286f4831f0faa65a58d8d74b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
DeleteCriticalSection
GetCommandLineA
GetTickCount
EnumResourceTypesA
ReleaseMutex
GetModuleHandleA
GetExitCodeProcess
GetDiskFreeSpaceExW
TlsGetValue
GetComputerNameA
SetLastError
FreeConsole
VirtualProtect
FindClose
CreateMutexA
GetLastError
LoadLibraryExW
Sleep
CloseHandle

shell32

SHGetNewLinkInfo
SheChangeDirA
DragQueryFileA
DragAcceptFiles
SHGetSettings
DragFinish
SHFree
SHGetDiskFreeSpaceA
ShellMessageBoxA
SHAlloc
SHGetMalloc
ShellAboutA
StrChrA

glmf32

glsBlock
glsComment
glsAppRef
glsChannel
glsBinary

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ