bd143b3b3c9a08354b2a0ac00b2bc2cac3c9f8d2f0a43d4fa4477f1c989f9117

General

Target

bd143b3b3c9a08354b2a0ac00b2bc2cac3c9f8d2f0a43d4fa4477f1c989f9117
Size

2.0MB
MD5

d3a527896e83447aec4e42eda66d3edb
SHA1

8d0c3c5a17d4cf51b8ee136a260e4e6595f4c15f
SHA256

bd143b3b3c9a08354b2a0ac00b2bc2cac3c9f8d2f0a43d4fa4477f1c989f9117
SHA512

420f64c244fbee1153c7ad6620c2eec8c6c0a262c75142057ccc2d76462a601a35cea0bd26fc0fa03a34c970cee6941a9f4dbbf80be76115a573cc0bac1c8c9c
SSDEEP

49152:tRw5EFf1embVOvfZEHdL6giRI+RsKauUL/cI:tyWFNHg5zR2V1k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd143b3b3c9a08354b2a0ac00b2bc2cac3c9f8d2f0a43d4fa4477f1c989f9117

Files

bd143b3b3c9a08354b2a0ac00b2bc2cac3c9f8d2f0a43d4fa4477f1c989f9117
.dll windows:5 windows x86 arch:x86

291f45a7561c28df956e65db6e375154

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
OutputDebugStringA
AreFileApisANSI
SetPriorityClass
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError
CompareStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
ExitProcess
GetModuleHandleA
GetLocaleInfoA
HeapAlloc
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind
GetStringTypeA

mprapi

MprConfigTransportCreate

oleaut32

GetRecordInfoFromGuids

gdi32

SetDCPenColor

user32

SetForegroundWindow
SetMessageExtraInfo

Exports

Exports

AwcdthodsHlu

Sections

.text
Size: 1020KB - Virtual size: 1018KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 900KB - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 93KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

291f45a7561c28df956e65db6e375154

Headers

File Characteristics

Imports

kernel32

mprapi

oleaut32

gdi32

user32

Exports

Exports

Sections

.text Size: 1020KB - Virtual size: 1018KB

.rdata Size: 900KB - Virtual size: 896KB

.data Size: 88KB - Virtual size: 93KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 52KB - Virtual size: 48KB

.text
Size: 1020KB - Virtual size: 1018KB

.rdata
Size: 900KB - Virtual size: 896KB

.data
Size: 88KB - Virtual size: 93KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 52KB - Virtual size: 48KB