bf14bff79ce6a5bab0fc247573ff6e18df7974fdd86aef1bcdfb404ba2790e31

Sharing

Copy URL

Twitter E-mail

General

Target

bf14bff79ce6a5bab0fc247573ff6e18df7974fdd86aef1bcdfb404ba2790e31
Size

3.6MB
MD5

78d57644fa9f689fdd50971af56c4932
SHA1

d8246a13cc5f5a44e981dc7b49f685f920f6d1df
SHA256

bf14bff79ce6a5bab0fc247573ff6e18df7974fdd86aef1bcdfb404ba2790e31
SHA512

b8dd876c87c9fc0c39e1d331a01991d31afe847601d79a94745115aa16b5508d13d44b720d04503a78b7278a45290e755c7304a12d32c4ba0c1fe2e3d16930c8
SSDEEP

49152:DT73Ob+g8a5Tmyu8Ln3pF416YqAHK+MGuZfc9RMtfGUTk4A8Zc+BltZ4Oa:DTDJYmydb3T414cnSxcwS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf14bff79ce6a5bab0fc247573ff6e18df7974fdd86aef1bcdfb404ba2790e31

Files

bf14bff79ce6a5bab0fc247573ff6e18df7974fdd86aef1bcdfb404ba2790e31
.dll windows:5 windows x86 arch:x86

5fa29c79fe958fffaf266f97a2fb4154

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetFullPathNameW
SetThreadPriorityBoost
LocalUnlock
GetModuleHandleA
GetLogicalDrives
FindNextFileA
CheckRemoteDebuggerPresent
UnlockFile
GetModuleHandleW
WriteConsoleInputA
HeapAlloc
Thread32First
GetPriorityClass
ExitThread
GetLastError
WideCharToMultiByte
GetStdHandle
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
Sleep
HeapFree
ExitProcess
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapReAlloc
VirtualFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CreateFileA
CloseHandle

gdi32

PathToRegion
GetWorldTransform
OffsetRgn
SetViewportOrgEx
GetBkColor

wintrust

WintrustGetRegPolicyFlags

user32

PostQuitMessage
GetMenuContextHelpId
GetSystemMetrics
GetParent
SendInput
CharLowerBuffW

Exports

Exports

SzohFtdhveri

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

|LdBHK
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 644KB - Virtual size: 649KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fa29c79fe958fffaf266f97a2fb4154

Headers

File Characteristics

Imports

kernel32

gdi32

wintrust

user32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

|LdBHK Size: 1.4MB - Virtual size: 1.4MB

.data Size: 644KB - Virtual size: 649KB

.rsrc Size: 4KB - Virtual size: 840B

.reloc Size: 136KB - Virtual size: 133KB

.text
Size: 1.4MB - Virtual size: 1.4MB

|LdBHK
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 644KB - Virtual size: 649KB

.rsrc
Size: 4KB - Virtual size: 840B

.reloc
Size: 136KB - Virtual size: 133KB