ba0a9a89f0a19b8994a5d3ff4e45b43389192e2a6c4fbc4e28f74db530b28b01 | Triage

Sharing

General

Target

ba0a9a89f0a19b8994a5d3ff4e45b43389192e2a6c4fbc4e28f74db530b28b01
Size

375KB
MD5

c987eb98459174629787ee9fe785a9ac
SHA1

2f3a3fe6791f6a645aa36c1291cf5a1a24ac8458
SHA256

ba0a9a89f0a19b8994a5d3ff4e45b43389192e2a6c4fbc4e28f74db530b28b01
SHA512

609249e8867fd5cac4169247245dc3f93cc48dddb166c2b200cfc6795d1ab80f15042109145f7cf903105013a2aa742638e1de0d63d67f9651788e155e85199b
SSDEEP

6144:QsvtpU6HqlwuvS0ot2gWKvxVGySgMW/nZwoQTP0t104+bzgaTIjSXzrK7aBgBJS6:NvtpU6HqOaS0gTWKvxR5nQTP0HhMgaTg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba0a9a89f0a19b8994a5d3ff4e45b43389192e2a6c4fbc4e28f74db530b28b01

Files

ba0a9a89f0a19b8994a5d3ff4e45b43389192e2a6c4fbc4e28f74db530b28b01
.dll windows x86

75fe88ff0fdbf46d39c99b72c07f234f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

wsprintfW

advapi32

CheckTokenMembership

ole32

CoTaskMemFree

shlwapi

PathFileExistsW

psapi

GetMappedFileNameW

version

GetFileVersionInfoSizeW

wininet

InternetReadFileExW

dnsapi

DnsFree

ws2_32

inet_addr

iphlpapi

GetAdaptersInfo

rpcrt4

UuidCreateSequential

Exports

Exports

CB_Init
DllEntry
DllProc

Sections

.text
Size: 368KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE