bf9b14f45358e3a14c75f1972d670d958981c5d232f7b086c4ad20572de80c78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf9b14f45358e3a14c75f1972d670d958981c5d232f7b086c4ad20572de80c78
Size

2.3MB
MD5

656a604f8ac9edc6fc9288910912b43d
SHA1

65f53a6ea4e0f5a2b0e6ce0c0650061390e05bcb
SHA256

bf9b14f45358e3a14c75f1972d670d958981c5d232f7b086c4ad20572de80c78
SHA512

7310393c9d0e69be86f814cbed4a04437bd2925baebd92704938ba087fc9db2d8c9cc6332fcf721d27f978d6ebaa8ae9adb227258ec68fc9ef689c689d87b6bc
SSDEEP

49152:zg69SebPPiKgYy2rx4HgpvDseQcu5pgyGGiC8kRBlT7Xd5:zg69SebiQJ9s5cGunGn8QP7f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf9b14f45358e3a14c75f1972d670d958981c5d232f7b086c4ad20572de80c78

Files

bf9b14f45358e3a14c75f1972d670d958981c5d232f7b086c4ad20572de80c78
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 680KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vggomldu
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebvudiz
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE