bf8dce83c9ef89bfafc4676071a4d53b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf8dce83c9ef89bfafc4676071a4d53b
Size

26KB
MD5

bf8dce83c9ef89bfafc4676071a4d53b
SHA1

990c8514617d29685ee8d99d2eb38dd56d98e237
SHA256

fe310eba99893bb1c844d46a630456f8906a63f6c9476d7b0cbd3d23ca715e80
SHA512

6c3a7097b65f78c1c5e2f2b98f4263c9f6799b8ee40ad5dc0b90eb1792e9ab66779f48cf24e00ae5db1339148660eb5641d4fd1947c079bf9bb72dfa917a0188
SSDEEP

384:lR/UIvpy6b6F4DSMCwFvKoToP1j61gMH0AhsYatscUrXLhkw7oqizKJYt5Ob02pa:lR/VpE6M6QA7au3kbKJYe3Wn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf8dce83c9ef89bfafc4676071a4d53b

Files

bf8dce83c9ef89bfafc4676071a4d53b
.dll regsvr32 windows:4 windows x64 arch:x64

9c0432e1910a7f6b5d39ec1826872d5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcessHeap
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
Sleep

Exports

Exports

Control
DllRegisterServer
FreeBuffer
Release
Start
StartW

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ