balgo[.]exe | Triage

Submit
Reports

Overview

overview

1

Static

static

balgo.exe

windows7-x64

balgo.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

balgo.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

balgo.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

balgo.exe
Size

720KB
MD5

ef6ba33b29f06249311da899552c5b08
SHA1

52ab07816b5c2a4c51243f2ea53e3c52d3872ad6
SHA256

07757804bbd6aa977e303efaeae9731b3ea92a1592e3924df4550c34e00f99c8
SHA512

19f2a1bb8c1f4c47e8fa244c2a39c7503ca2347e573b1a6725e0a708e2fdb95c156dbb4817bc81d0dcb5a2ee2f5518f9a4f852ca60838c2ac6d2184676682b66
SSDEEP

12288:2PNOlEdnfm26gA2iRqPu6Qrb/TLvO90d7HjmAFd4A64nsfJNCca+5aT60p:2P/+2DZikPu6Qrb/TLvO90d7HjmAFd48

Score

N/A

Malware Config

Signatures

Files

balgo.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 789KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 820KB - Virtual size: 819KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy