Static task
static1
Behavioral task
behavioral1
Sample
ba4f2b516b4b372742de884944292449.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
ba4f2b516b4b372742de884944292449.exe
Resource
win10v2004-20240226-en
General
Target
ba4f2b516b4b372742de884944292449
Size
5KB
MD5
ba4f2b516b4b372742de884944292449
SHA1
889f0f182ef71b326982f3e6616a9f47e55ae650
SHA256
ee3cd207b3b02f9e21cc56bd62cec174885d7954bd5ded7416d8e07f829fe37a
SHA512
3ec36ce10c5a55d226c1590a9a1df363999f87d393aab62e2f706dd433b63cb5e9d795c39ff9f3739e06fd872f0b936420eededf9516a3965692c5971101d38c
SSDEEP
96:ImeyYlPULlZC6RMUxEETqTcvTPTJm9M3LQ4QlFLdUD:fey/L+6H24v7d0GLvad8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba4f2b516b4b372742de884944292449
Files
ba4f2b516b4b372742de884944292449.exe windows:4 windows x86 arch:x86
6e5babe4629dd3c0c5f6f44914215c37
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
WaitForSingleObject
CreateEventA
OpenEventA
GetCommandLineA
SetFileAttributesA
FreeLibrary
GetModuleHandleA
lstrcatA
GetSystemDirectoryA
WideCharToMultiByte
lstrcatW
lstrcpyW
GetCurrentProcessId
CompareStringA
ExitProcess
SetEvent
CreateThread
ExitThread
CreateProcessA
Process32Next
Process32First
CreateToolhelp32Snapshot
user32
DestroyWindow
wsprintfA
CloseWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
CreateWindowExA
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1010B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE