bfc436e8360f8c04bdb987594e828e13

General

Target

bfc436e8360f8c04bdb987594e828e13
Size

67KB
MD5

bfc436e8360f8c04bdb987594e828e13
SHA1

f2df683c1a6cd100711e3935ea04ff927e0cbbde
SHA256

8bd5511f96d2da3fa43d14037497454e36951ff8d51f88baf944e94908b60fe3
SHA512

5a787ef336cc6e0ede9510d4ac629e67f4c1afe7ba77a271f3dae82104d1afdce0f83c908426c6a133a4c6b962d22b58f88535ab3e9a0756286e42272d5815a8
SSDEEP

768:eewNhVbgBQAe+3KmxviS6Ht2kwgoGyj5Y6GcBl2k8sxjTvD3iyB5y2y6s5Oa3orc:eBt8ZJiS8tXYX8spTvlQWgotC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfc436e8360f8c04bdb987594e828e13

Files

bfc436e8360f8c04bdb987594e828e13
.exe windows:4 windows x86 arch:x86

36172cfc10fe1c5068b3f12e4846cad4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenWindowStationA
EndDialog
GetWindowThreadProcessId
GetClassNameA
GetCursorPos
GetWindowLongA
GetDlgItemTextA
GetMessageA
SetThreadDesktop
GetDlgItem
ToUnicode
SetProcessWindowStation
CloseDesktop
GetKeyboardState
SendMessageA
LoadCursorA

kernel32

WaitForSingleObject
lstrcpynW
lstrcatA
VirtualAlloc
WideCharToMultiByte
GetLastError
lstrcpyA
VirtualProtect
CloseHandle
InitializeCriticalSection
SetFilePointer
GetFileAttributesA
LeaveCriticalSection
GetModuleFileNameA
GetSystemTime
SetFileTime
FindClose
Sleep
GetProcAddress
GetTimeZoneInformation
EnterCriticalSection
CreateMutexW
GetModuleHandleA
ExpandEnvironmentStringsW
SystemTimeToFileTime
GlobalUnlock
HeapFree

shlwapi

PathMatchSpecW
StrCmpNIA
SHDeleteKeyA
PathCombineW
PathFileExistsW
StrStrW
PathRemoveFileSpecW
PathFindFileNameW
wnsprintfA
wvnsprintfA
StrCmpNIW

advapi32

RegCreateKeyExA
RegSetValueExA
CryptCreateHash
CryptReleaseContext
CryptHashData
RegDeleteValueA
RegCloseKey
RegEnumKeyExA
GetUserNameW
RegQueryValueExA

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36172cfc10fe1c5068b3f12e4846cad4

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

shlwapi

advapi32

Sections

.text Size: 66KB - Virtual size: 65KB

.data Size: 512B - Virtual size: 16KB

.text
Size: 66KB - Virtual size: 65KB

.data
Size: 512B - Virtual size: 16KB