bfb33cbdc19670a045ef3d27b56ccc99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfb33cbdc19670a045ef3d27b56ccc99
Size

19KB
MD5

bfb33cbdc19670a045ef3d27b56ccc99
SHA1

19d95fcba48f37e1f618d28b1db6e9d291331a8c
SHA256

c1a54471a936483da08b6b40d24655ac828742d022a609d9348d07902a549e29
SHA512

dc26c344a011c84ca45084fb13fb29a9e9eed37a60a7af23519727d160f81be6142ab03264bc96b4a4ee663fd0bec785193eb9e8450bca82fefc6d5c95c95dfa
SSDEEP

384:wBtf9Z6B+PgykMkC7lf7Tmg4VgS/zVoS2gl5CZFrEPq6/17RP:EtfSd1o7lf7XFSpXEZFgPqAP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfb33cbdc19670a045ef3d27b56ccc99

Files

bfb33cbdc19670a045ef3d27b56ccc99
.exe windows:4 windows x86 arch:x86

51207dfc25c25d155264531e776f1bb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
lstrlenA
GetSystemTime
lstrcatA
DeleteFileA
CloseHandle
GetFileSize
lstrcpyA
SetFilePointer
WriteFile
GlobalFree
RtlUnwind
CreateFileA
GetSystemDirectoryA
LoadLibraryA
GetLastError
GetProcAddress
Sleep
FreeLibrary
CreateThread
ExitProcess
GetModuleFileNameA

user32

wvsprintfA
wsprintfA

advapi32

StartServiceCtrlDispatcherA
SetServiceStatus

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE