02babaf1aee5f1c7ef22778b993f3569 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02babaf1aee5f1c7ef22778b993f3569
Size

316KB
MD5

02babaf1aee5f1c7ef22778b993f3569
SHA1

f67423dd37abdca6989555dbce15bbcd63f8e6db
SHA256

e247b68c426eea39e9cdc9c9cac577180b429806cb2ceb46eb752804852f3b8c
SHA512

b2f23f713a0fbf9a4be74d778e5ed473efc02618814bf10b0dca4b556865f5e843c36166863ff1f52b9a86e1d81077ac07ee6d4068b437e53b288c76e09478ac
SSDEEP

6144:/hgMbyt+/lFO7UXdj5hcD28Ek5k+6GGv+H1wpZnjZr0J/x:/hgxtAA70R5uq89H6EHe3pUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02babaf1aee5f1c7ef22778b993f3569

Files

02babaf1aee5f1c7ef22778b993f3569
.exe windows:4 windows x86 arch:x86

b6d6984a1c4787df6d5cc826d07d3d6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GlobalFree
FindAtomA
FormatMessageA
GetEnvironmentStringsA
HeapCreate
GetCurrentProcessId
GetACP
GetCompressedFileSizeA
GetThreadPriority
GetCurrentThread
GetStdHandle
FlushFileBuffers
VirtualProtect
GetSystemDirectoryA
WriteConsoleA
GetModuleHandleA
GetExpandedNameA
IsDebuggerPresent
OpenSemaphoreA
InterlockedExchange

user32

FrameRect
GetCursorPos
ReleaseDC
IsIconic
GetWindow
SetForegroundWindow
FillRect
SetActiveWindow
ValidateRgn
GetFocus
GetDlgItem
EndPaint
GetWindowTextLengthA
DrawTextA
BeginPaint
ShowWindow
wsprintfA
GetClassNameA
GetParent

linkinfo

ResolveLinkInfoA
DestroyLinkInfo
GetLinkInfoData
GetCanonicalPathInfoA
IsValidLinkInfo

rtutils

LogEventW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ