1ba0ee97381c7e26589f56a8e45212c784ccfc41b9bb57eb783964be5afb49c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ba0ee97381c7e26589f56a8e45212c784ccfc41b9bb57eb783964be5afb49c9
Size

305KB
MD5

5dfa7d4bfec8eaeb38f111175dfe9ccf
SHA1

2bb5da1fcdfe815771b559c99871b1b4f4470dce
SHA256

1ba0ee97381c7e26589f56a8e45212c784ccfc41b9bb57eb783964be5afb49c9
SHA512

2fa8da92427ddcd60266b725c8d4fd57e9406d77424a388e1d6751b6838eccc44f3074c55b1ac3444ae9b3af870050d9765b67a01aa93dac1af6e98dd2f20c6a
SSDEEP

6144:in2lnHHnHrLrLLrLrDd0DrYEyaYUeW5gtHc+Bz0J/FX6p9uaoY4/R6AY7:Ik0D8Ey5UJ5H+BWQ9uaoYDAw

Score

N/A

Malware Config

Signatures

Files

1ba0ee97381c7e26589f56a8e45212c784ccfc41b9bb57eb783964be5afb49c9
.exe windows x86

b4838d3b349d6d5b12776c7f0244f304

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
LoadLibraryA
SetEnvironmentVariableA
CreateFileMappingW
DeleteFileA
GetShortPathNameW
GetModuleHandleW
InitializeCriticalSection
GetStringTypeA
SetVolumeLabelW
CreateSemaphoreW
DeleteFileA
SetCurrentDirectoryA
GetACP
DeviceIoControl
GetProcessHeap
CreateMailslotA
DeleteFileA
FatalExit
GetStringTypeW
GetConsoleAliasA
CreatePipe
WriteConsoleW

mshtml

DllEnumClassObjects
ShowModelessHTMLDialog
ShowHTMLDialog
ShowModalDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ