bc84c3a9cfeb083fe41a238c55ea3163b5c9e5103fee0a7d7f4d8a1236b6d22d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc84c3a9cfeb083fe41a238c55ea3163b5c9e5103fee0a7d7f4d8a1236b6d22d
Size

3.1MB
MD5

5c0d04ccd0cbcd8cc90a502df8b512e7
SHA1

0f905a137b801a69cf498fc0f8c5f00e75c5e689
SHA256

bc84c3a9cfeb083fe41a238c55ea3163b5c9e5103fee0a7d7f4d8a1236b6d22d
SHA512

2d8d2630d4c362c67bc54bad9b49dd0b11a5b9623cf106099b141e3fcf66d8032a3b855169bd636febfe517f0c8581df62f70e77af3c9cc7691ac407f7391d23
SSDEEP

49152:fEOGfMr0UrM21zm6mVonU7JCGjh9FDrjop1jy50JtrD2sGxgLJ+r8+NSR63xrO0s:rtr0CnnGJCGl9GDnrNGaLJ5RKxy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc84c3a9cfeb083fe41a238c55ea3163b5c9e5103fee0a7d7f4d8a1236b6d22d

Files

bc84c3a9cfeb083fe41a238c55ea3163b5c9e5103fee0a7d7f4d8a1236b6d22d
.exe windows:6 windows x64 arch:x64

dde04a4a91a59ef24083f245b804ae7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetCursorPos

advapi32

RegCloseKey

shell32

SHGetFolderPathA

ole32

CoCreateInstance

oleaut32

VariantClear

Sections

.MPRESS1
Size: 3.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE