bc6a7e4fa086aaaa07b4e2b6436ef0c598d4ded5fca3c3dfec7d3bf51d28c2ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc6a7e4fa086aaaa07b4e2b6436ef0c598d4ded5fca3c3dfec7d3bf51d28c2ba
Size

120KB
MD5

41df9894595d09e5713666cb5bf5d6fc
SHA1

9343906b831d5406fd0418f24ba2ea2422471d94
SHA256

bc6a7e4fa086aaaa07b4e2b6436ef0c598d4ded5fca3c3dfec7d3bf51d28c2ba
SHA512

8fe0001f96b389262c4036ee7f44f0740059a88062b7de0e59102ae57b801b39d838e64b4226eaeb6dc586f79b255ee1a73b5dd7ff8fa174da95df46af3a6449
SSDEEP

3072:4jUn3km9ek+7m2w+kGFYmMEgaIK25pA0IN:4K0/7ZwQ5MEgvPXRI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc6a7e4fa086aaaa07b4e2b6436ef0c598d4ded5fca3c3dfec7d3bf51d28c2ba

Files

bc6a7e4fa086aaaa07b4e2b6436ef0c598d4ded5fca3c3dfec7d3bf51d28c2ba
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ