Static task: static1
Behavioral task: behavioral1
Sample: ba00b9c682c24d93a14146f26f208fcd.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: ba00b9c682c24d93a14146f26f208fcd.exe
Resource: win10v2004-20240226-en
General
Target: ba00b9c682c24d93a14146f26f208fcd
Size: 1.1MB
MD5: ba00b9c682c24d93a14146f26f208fcd
SHA1: 99a26b36d477194269e37e039e1848125681d6c9
SHA256: 5eaf9378fc2174b81ebf3dd539ac22a80219d530eb599dba28afceadae020b46
SHA512: 98545337d13c4b91b2a1baa4e40e187b02c7182ee97018c6d22066383741d771318214baacd1596857fa1471c715b134eb6f16481308854e7d452556313b8133
SSDEEP: 24576:1D4pUqrXULEy2ekjQbPhG0+6gUxsNrKGv2dKRmmvy:mpU+XaCjQU0+6jSrn28Rmz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba00b9c682c24d93a14146f26f208fcd
Files
ba00b9c682c24d93a14146f26f208fcd.exe windows:5 windows x86 arch:x86
e55db66e55953086ea31d90efc59f1bb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
ExitProcess
LoadLibraryA
GetCurrentProcess
CreateFileA
LCMapStringA
user32
wsprintfA
SetWindowLongA
CreateWindowExA
CharLowerBuffA
CloseWindow
advapi32
RegQueryValueA
RegSetValueA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegDeleteValueA
RegEnumValueA
RegEnumKeyA
RegOpenKeyA
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ