bf91ab8e3713a6e709462e1f3e003bda | Triage

Sharing

General

Target

bf91ab8e3713a6e709462e1f3e003bda
Size

16KB
MD5

bf91ab8e3713a6e709462e1f3e003bda
SHA1

e3e4d4d70657aeffa754c9dfa28dc0ffa357c734
SHA256

90b60d769edff8ea9f6971ae689d33d6bf9bdf6cced4705a7ac1736391c062c8
SHA512

0b04889d8a13d52288132ff6ee411af92f7c61316766241edacb162682d5b7f03740f84db6fbf66accd0d886f9e2b885737c153576f2875e334720d7c1344a12
SSDEEP

192:HrTqIph8+Jwx7xYS3GGP0Q9B+Spnszsu8VE9KZLzGC0vQJ13Yyun:HfqIpO+O7xYS2GPz/+SSp8q96Lzyyo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf91ab8e3713a6e709462e1f3e003bda

Files

bf91ab8e3713a6e709462e1f3e003bda
.exe windows:4 windows x86 arch:x86

b6a20877a123aec4bde8c3c48f0fba99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
SetConsoleCP
FoldStringA
CloseHandle
GetDriveTypeA
EnterCriticalSection
VirtualProtect
GetStdHandle
SetErrorMode
HeapCreate
GlobalAddAtomA
Sleep
GlobalDeleteAtom
GetACP
GlobalFree
LoadLibraryExA
GetLastError
GlobalUnlock
GetLocaleInfoA
LockResource
InterlockedExchange

user32

IsIconic
GetWindowTextA
DrawEdge
GetMenuItemInfoA
EndPaint
GetParent
DrawMenuBar
GetWindow
GetActiveWindow
GetForegroundWindow
BeginPaint
GetClassNameA
ValidateRect
ReleaseDC
GetCursorPos
AnyPopup
DrawTextA
GetFocus
ShowWindow

version

GetFileVersionInfoSizeA
VerFindFileA
GetFileVersionInfoA
VerLanguageNameA
VerQueryValueA

winsta

WinStationShadow

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ