bd3520225ea6364089a171b6acb57e0765badb79f391dcc09ca7bab201ce1cac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd3520225ea6364089a171b6acb57e0765badb79f391dcc09ca7bab201ce1cac
Size

175KB
MD5

308dd1079da0d1912213154be117529a
SHA1

11da51254e0e1946cb045c966377c4d533d30c7c
SHA256

bd3520225ea6364089a171b6acb57e0765badb79f391dcc09ca7bab201ce1cac
SHA512

33bc7df20f254da6844a8fb766f9070ba5ad49b911ca3acbd2e919a9fd90eb5c97cf15f9e606b96415f58ba37fefb5f5ada12bfa22d36fa99dccdb1c5d8708da
SSDEEP

3072:Lz5hefeYKN2wHm5+lcU59MiRKpEau5pBs+2keKdJOkq7C9n:HDefV5+ciKpy5pskeKdft

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd3520225ea6364089a171b6acb57e0765badb79f391dcc09ca7bab201ce1cac

Files

bd3520225ea6364089a171b6acb57e0765badb79f391dcc09ca7bab201ce1cac
.exe windows:4 windows x86 arch:x86

bd509de19da7c7c322d26fb2273fbce0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
LoadLibraryW
CloseHandle
PrivMoveFileIdentityW
WriteFile
MoveFileW
CreateMutexA
CreateEventA
DuplicateHandle
GetProcAddress
WaitForSingleObject
CreateFileMappingA
OpenProcess
CreateDirectoryW
GetProcessId
ReleaseMutex
VirtualAlloc
GetSystemTime
CreateFileW
EnumResourceTypesA
AddAtomW
VirtualFree
GetFileAttributesW
LoadLibraryExW
ExitProcess
SystemTimeToFileTime
GetStdHandle
DeleteAtom
GetFileAttributesA
UnmapViewOfFile
ProcessIdToSessionId
GetUserDefaultUILanguage
LoadLibraryA
lstrcpynW
MapViewOfFile
GetModuleFileNameW
OutputDebugStringW
FindAtomW

user32

GetWindowInfo
GetDC
CreateWindowExW
MessageBoxW
RegisterClassExW
LoadCursorW
GetUpdateRgn
EndDialog

oleacc

LresultFromObject

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apexi
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ