ba60fc29028b9660be6d12d66f76857b | Triage

Sharing

General

Target

ba60fc29028b9660be6d12d66f76857b
Size

364KB
MD5

ba60fc29028b9660be6d12d66f76857b
SHA1

9684abce08d985751f05b7346f1f5e6e92602bfe
SHA256

942f95d4beb77bd3b0ded67f8f8bd0d650302bb26252d5b910681ebe1b5fa27b
SHA512

36675eec749f6e6dbd837827dd2bec0ac4843309cb2320a070eee3135cffac6f41bd80710f1fb6c710a2eef1e3244a6644851593a99b6dcf531caf03d80842cd
SSDEEP

6144:RTENYaV9XoE9pHCfj/xjlrNyTmDrZ+6IgsCm7esha2T64C8bq6qI8d6xZ52zkJfi:MYkHuT0Ty1+6MgQT64C5d0Z52AJfGoE9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba60fc29028b9660be6d12d66f76857b

Files

ba60fc29028b9660be6d12d66f76857b
.dll windows:4 windows x86 arch:x86

5e4c7e9dbe441774a5bfd36d4432ca6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DefDlgProcA
CreateMenu
CreateIcon
CreateCursor
CopyImage
CloseWindow
CharToOemBuffA
CharToOemA
CharPrevA
CharNextA
ChangeMenuA
ActivateKeyboardLayout

kernel32

GetFileSize
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
VirtualFree
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
SleepEx
Sleep
SetLastError
EnumResourceLanguagesA
EnumResourceTypesA
FindResourceA
FlushFileBuffers
GetLocalTime
GetVersionExA
LoadResource
RaiseException

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE