bf36f1067af1306c4c390b5e9e02af3cb71ab5cc27d163ee8d9d25f49fa6726e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf36f1067af1306c4c390b5e9e02af3cb71ab5cc27d163ee8d9d25f49fa6726e
Size

1.8MB
MD5

6645f7f2d832ccea1564c46c6d32a520
SHA1

beabc5dc213e3957a6854a958cdf29887c9b6d2a
SHA256

bf36f1067af1306c4c390b5e9e02af3cb71ab5cc27d163ee8d9d25f49fa6726e
SHA512

8683d426fc4695e4945b2cf119f71aa0bd8ea809a301f23cca292e824b72dd81b2260b5356942a60a142b7abb271fd5eaff45b8a5442053646f4a4598dcb93e7
SSDEEP

49152:6uO7eGWlfN9keJDvTpAummpJsxqSc8EjKXLFx:6rfWSercJQ8wKXL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf36f1067af1306c4c390b5e9e02af3cb71ab5cc27d163ee8d9d25f49fa6726e

Files

bf36f1067af1306c4c390b5e9e02af3cb71ab5cc27d163ee8d9d25f49fa6726e
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wxstenxn
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

basecvqs
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE