ba87cb9e9fc03e38c26cf94b000f85cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba87cb9e9fc03e38c26cf94b000f85cb
Size

193KB
MD5

ba87cb9e9fc03e38c26cf94b000f85cb
SHA1

90f16bfd666e763dc31c7abf8d5ea4c5b4f6d665
SHA256

9c4c39066a2c6683f81d78686c6375f9028a920ad77789d810cd7e5cbff9df02
SHA512

42da9bec109ee9eaab09597c1b83f2c708bfb4d98cebef7ea6d939432d2626d5444e35e30adb8b10020c61f066ac523a97d1a66a3d4deeda35efa22381ee9367
SSDEEP

6144:pfhd+d3pK+YFrf0LJSxvts2ZN88xDxyigyzWOg:pJ4d30DFL0L8nBnIP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba87cb9e9fc03e38c26cf94b000f85cb

Files

ba87cb9e9fc03e38c26cf94b000f85cb
.exe windows:4 windows x86 arch:x86

a443c941cb2052dae3b30181f94f783b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
LCMapStringA
CloseHandle
GetCurrentProcess
ExitProcess
CreateFileA

user32

CreateWindowExA
wsprintfA
SetWindowLongA
CharLowerBuffA
CloseWindow

advapi32

RegCloseKey
RegSetValueA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegEnumValueA

Sections

.text
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ