bfbd1f9d3ce63385af8722247607351c8847c0722962ed1768d6d835040fa9d1 | Triage

Sharing

General

Target

bfbd1f9d3ce63385af8722247607351c8847c0722962ed1768d6d835040fa9d1
Size

2.5MB
MD5

9aa672f3b2701ecdc90dd97e3efcbabd
SHA1

1621883ffb99a49e78e5eeb14a3883680218ce3d
SHA256

bfbd1f9d3ce63385af8722247607351c8847c0722962ed1768d6d835040fa9d1
SHA512

76c46f2623a8cba0407220675479d650f5b9898453c094d151dac04e0ee3aeb5bd03ff7bf0ae36dedef20a318a7e6bd780667d3ba7ccdfe5c3355eeed88676ab
SSDEEP

49152:M9IjGoIFxD+HAKcS3GbRQVOiISSCeTy40syHCJI6XTg:MaWnykbRMZeTy40rCy6Dg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfbd1f9d3ce63385af8722247607351c8847c0722962ed1768d6d835040fa9d1

Files

bfbd1f9d3ce63385af8722247607351c8847c0722962ed1768d6d835040fa9d1
.dll windows:5 windows x86 arch:x86

ec87aa731d000495d0c07a600ad26731

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
LoadLibraryExA
GetModuleHandleW
GetUserDefaultLangID

mprapi

MprAdminPortDisconnect

advapi32

GetOldestEventLogRecord
RemoveUsersFromEncryptedFile

oleaut32

SafeArrayCreateVector

gdi32

AbortDoc

user32

LockWindowUpdate
ChangeMenuW
TrackPopupMenu
ReleaseCapture

Exports

Exports

VzhhoaeEnwsasio

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 81B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ