Static task: static1
Behavioral task: behavioral1
Sample: 0badeaa15917cde11e4994539a536494.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0badeaa15917cde11e4994539a536494.exe
Resource: win10v2004-20231222-en
General
Target: 0badeaa15917cde11e4994539a536494
Size: 68KB
MD5: 0badeaa15917cde11e4994539a536494
SHA1: 105523ae48706cb5de88cc827d03d6f3197ca097
SHA256: 56f1b4bc6868c62c62d258d1bf7b5927bc3c745a7825e22b2639eca18e1392f1
SHA512: 6e05b8d0693d4c306547e25f7575bd6722509fdf072523d006f61c2116c9c5378569714fe90d2c3eccd6aef6cfa9437eea5c812d97ba74c9f61a9bd971a48124
SSDEEP: 1536:3pz8+HptZUqIq7es/vKIlrEJkPUgrqQYldvq:3RJp/vzrENlN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0badeaa15917cde11e4994539a536494
Files
0badeaa15917cde11e4994539a536494.exe windows:4 windows x86 arch:x86
194bd99e9478f9da09cb85ea6935b66e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
SetEvent
ReleaseMutex
FindResourceExA
FindAtomA
CreateThread
GetLastError
FindVolumeClose
lstrlenA
GetDiskFreeSpaceA
TlsGetValue
Sleep
SearchPathA
FindClose
GetTickCount
GetModuleHandleA
GetCalendarInfoA
CloseHandle
VirtualProtect
DeleteCriticalSection
user32
GetMessageA
GetKeyState
EndDialog
CreateWindowExA
EnableWindow
CreateMenu
DialogBoxParamA
DragDetect
DispatchMessageA
GetUpdateRect
GetScrollBarInfo
CopyImage
IsIconic
CloseWindow
msdmo
DMOEnum
DMORegister
DMOGetName
DMOUnregister
DMOGetTypes
advapi32
RegCloseKey
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ