bfdb7c1365f61e4075504991d8ae5bb6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfdb7c1365f61e4075504991d8ae5bb6
Size

72KB
MD5

bfdb7c1365f61e4075504991d8ae5bb6
SHA1

a03a7c56933a17dc06f5b2928cd46342b2780079
SHA256

46da0e4df9da1f9416786528b3b45f3c589c1464fb32f063e706267912898af9
SHA512

9e3058dc8844ddaebae2de6ffe1d3b1c32a7b1ed9d6a901a18acfddbd2a5cc32b643e342eaecd582db6bb44eee761ffdae407e943c4cbc1f3db1f073a3ebbdd3
SSDEEP

1536:6IvxtcmzxhzfMfMfMfMfMfMfMfM5m5m5m5m5m5m5KWJJk/9gZMM/MM/MM/MM/MMC:tY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfdb7c1365f61e4075504991d8ae5bb6

Files

bfdb7c1365f61e4075504991d8ae5bb6
.exe windows:4 windows x86 arch:x86

43cc4f791d528392037cab90d4ce2555

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetCurrentThreadId
FreeLibrary
VirtualAlloc
DisableThreadLibraryCalls
GetModuleHandleA
GetCurrentProcessId
GetSystemTimeAsFileTime
SetLastError
LoadLibraryW
QueryPerformanceCounter

ntdll

NtAddAtom

atl

AtlMarshalPtrInProc

Sections

.textbss
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ