bf93279cd0fc8539d7d4d6857c68fc26

Sharing

Copy URL Twitter E-mail

General

Target

bf93279cd0fc8539d7d4d6857c68fc26
Size

480KB
MD5

bf93279cd0fc8539d7d4d6857c68fc26
SHA1

714fc487471b5225caf926408c984200f70e3e34
SHA256

7638c77c85855cd27a6e841ddb9853ab030d734686edd9bfb284769cf67593c6
SHA512

4cfc4aaa30183533cb78a1160c225b8ee99bf2de1afbd4dc9a62e6aea0d80ca39b26bb98b75b4081b6655c633b608a6e52570ce178329cd05d1d8c92a6ae8ec8
SSDEEP

12288:luA2uwWwwem+ynZiJM+EnkAJi5OaS2eMhYzioUrT:UA2uam+yZj+G5nchYeoUrT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf93279cd0fc8539d7d4d6857c68fc26

Files

bf93279cd0fc8539d7d4d6857c68fc26
.dll windows:5 windows x86 arch:x86

b73b2a5742d430c0e9facd8ee6591646

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

userenv

DestroyEnvironmentBlock
EnterCriticalPolicySection
ExpandEnvironmentStringsForUserW
FreeGPOListW
GetAppliedGPOListW
CreateEnvironmentBlock
UnregisterGPNotification
RegisterGPNotification
LeaveCriticalPolicySection
GetProfilesDirectoryW

kernel32

_lclose
VirtualFree
VirtualAlloc
VerifyVersionInfoA
VerLanguageNameA
SetUnhandledExceptionFilter
SetLastError
SetFileAttributesW
CancelIo
CreateMutexA
EraseTape
ExitProcess
FileTimeToDosDateTime
FindFirstChangeNotificationW
GetACP
GetAtomNameA
GetCalendarInfoW
GetCommandLineA
GetComputerNameA
GetCurrentThreadId
GetMailslotInfo
GetPrivateProfileStringA
HeapAlloc
IsBadStringPtrA
IsDBCSLeadByte
OpenFileMappingW
OpenMutexA
Process32FirstW
ReadProcessMemory

crtdll

wcsxfrm
vfwprintf
strcmp
sqrt
isleadbyte
clock
atan
abs
_ultoa
_strnset
_ecvt
_execve
_exit
_filelength
_finite
_ftime
_mbctohira
_mbscmp
_mbscpy
_mbsnccnt
_rotr
_stat
wctomb

rpcrt4

MesIncrementalHandleReset
RpcBindingFromStringBindingA
RpcBindingServerFromClient
tree_peek_ndr

version

VerFindFileW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerInstallFileA

ntdll

ZwQueryDefaultUILanguage
ZwOpenThreadToken
RtlTryEnterCriticalSection
RtlOemToUnicodeN
RtlNtStatusToDosError
NtWriteFile
NtQueryInformationFile
NtNotifyChangeKey
NtGetPlugPlayEvent

Exports

Exports

OnlkVjcria
PctrfghJxte
VyDi
ans
foyuwqx
fuktjaKHfsJise
mHHljvQFndhuQb
pTcmxcccynkyhinCqz
pmduqa
qubtw
qyc
rbxjrMqzmqqekvtz
rvyknozozDmdzeWjlRi
tncTcgkejm
ugAnvnajqcAs
wjklxjy
wof
xadziYrulxtncykZah
yxKwnr

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 415KB - Virtual size: 979KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b73b2a5742d430c0e9facd8ee6591646

Headers

DLL Characteristics

File Characteristics

Imports

userenv

kernel32

crtdll

rpcrt4

version

ntdll

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 37KB

.data Size: 415KB - Virtual size: 979KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 38KB - Virtual size: 37KB

.data
Size: 415KB - Virtual size: 979KB

.rsrc
Size: 26KB - Virtual size: 26KB