bfa3181b271fa74f0e1b942d752dbbc5a88d2287a7001caa3a2a7d08b14e2de9N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfa3181b271fa74f0e1b942d752dbbc5a88d2287a7001caa3a2a7d08b14e2de9N
Size

76KB
MD5

2ad0874134cd3fc254225acac9574020
SHA1

74d3c763f6f9d30eb34eab60234097b4d0f5485b
SHA256

bfa3181b271fa74f0e1b942d752dbbc5a88d2287a7001caa3a2a7d08b14e2de9
SHA512

4580660ca84c04ec0e55421d546e7ce66016989166adb0879451eaa7345e24df565713e362b4a06a3c9f5d272f9814df10fde65d77e5d26d90f4297f6d43896a
SSDEEP

1536:AeffffX5GhMTFYqaPdeqXRX05bmZmwYVGgJMNERF+UGvrQ7pjVrs2ryrd1vUQuq6:SVecXibmZmwYVGgvF9GTQ7Hs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfa3181b271fa74f0e1b942d752dbbc5a88d2287a7001caa3a2a7d08b14e2de9N

Files

bfa3181b271fa74f0e1b942d752dbbc5a88d2287a7001caa3a2a7d08b14e2de9N
.exe windows:4 windows x86 arch:x86

b82084a292bd4dc540ac58a277caa160

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleNlsMode
LocalFileTimeToFileTime
SetCommMask
RegisterConsoleIME
ScrollConsoleScreenBufferA
FindNextFileW
LZClose
Heap32Next
GetConsoleTitleA
RegisterWowExec
GetPrivateProfileIntA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE