ba2c7299f2502e120e50af47a20a78be5c77aff98ab37d81f06ec73dcbd6d01c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba2c7299f2502e120e50af47a20a78be5c77aff98ab37d81f06ec73dcbd6d01c
Size

169KB
MD5

f89fe91fdd14e40904b49d37321bc690
SHA1

ff4db8e02ed39e867c21ab743cbe91f137ab6636
SHA256

ba2c7299f2502e120e50af47a20a78be5c77aff98ab37d81f06ec73dcbd6d01c
SHA512

d59fd9e324c593e03c2af6c202d1a3782911068ad2cd4a550987cd7cf63e71576c87daaa8542ef6e1be2214f053aca37308eed638235937f31818285347ecf65
SSDEEP

3072:AXEddcuQQk0P6ahLtFit4Vvc79rZgE05kJETLpWnOoklcrklzRk2qM8ZzjAn9r:/XKQ1CahxAtovmXGImLp9kkleJFZzj

Score

N/A

Malware Config

Signatures

Files

ba2c7299f2502e120e50af47a20a78be5c77aff98ab37d81f06ec73dcbd6d01c
.dll windows x86

604af5cd27fa86801742fdf7dd75fd6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtClose

basesrv

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Exports

Exports

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Sections

.text
Size: 167KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ