ba0ddb9a8d5d631a6d01146039f19357 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba0ddb9a8d5d631a6d01146039f19357
Size

90KB
MD5

ba0ddb9a8d5d631a6d01146039f19357
SHA1

9b93c39133114328d11ad4151dd11c7ea0a81d08
SHA256

e72aab30dcd8d4390c7b82146b18f38fd69972e75cbe35ec3dd2a74f5f8a6558
SHA512

8151163b315900ab9ca28228bce6605bc9ae879d11306b6c64b1544dcf7cf794e185c00fc87724197b774a42ba84255159df2dcb72cbab61ffbe1160cd6ecefa
SSDEEP

1536:FzBhX7TOyoHjieQpdsFBjc/AdtsYipZjXJM9QMEu:lvessFBjXsYiFyQMr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba0ddb9a8d5d631a6d01146039f19357

Files

ba0ddb9a8d5d631a6d01146039f19357
.exe windows:4 windows x86 arch:x86

0ce0eac551e46c6de29136b6f12d72e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

unlha32

ord1

kernel32

MultiByteToWideChar
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
FindClose
FindFirstFileA
lstrlenA
lstrcpyA
CreateDirectoryA
CloseHandle
WriteFile
CreateFileA
DeleteFileA
LockResource
LoadResource
SizeofResource
FindResourceA
lstrcatA
GetVersionExA

user32

RegisterClassA
SendMessageA
DispatchMessageA
TranslateMessage
IsDialogMessageA
wsprintfA
CheckDlgButton
CreateDialogParamA
PostQuitMessage
LoadCursorA
LoadIconA
SetForegroundWindow
ShowWindow
FindWindowA
MessageBoxA
DefWindowProcA
GetMessageA
UpdateWindow
GetDlgItem
IsDlgButtonChecked

shell32

SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ