Static task: static1
Behavioral task: behavioral1
Sample: ba9e51558ff40de299f1493e025e4c95.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: ba9e51558ff40de299f1493e025e4c95.exe
Resource: win10v2004-20231215-en
General
Target: ba9e51558ff40de299f1493e025e4c95
Size: 170KB
MD5: ba9e51558ff40de299f1493e025e4c95
SHA1: 0679d44964fd5da50cc50e2a0600de1d4d5b5603
SHA256: 5f45b0ea546e2d00dab6a5c768045357d366dc7f6c9e14e437273e6e83c31c89
SHA512: dcea0b24d906c03be60108e802fe5c3b5499d45ca17deaa6564c0145598a9b9cc38126b244bec95a5b41a74c24ea5ac78f9bdf5923f05e60923dfea4c6901952
SSDEEP: 3072:DC5QxZVKmOqqFLnKTergVEsVVGHTqaZHTTS4vNEcx427Ehg1lxKZsQXffG:+5QwaiQesNVVGHWUzhvNRx427EhnsQHG
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba9e51558ff40de299f1493e025e4c95
Files
-
ba9e51558ff40de299f1493e025e4c95.exe windows:4 windows x86 arch:x86
3d79e7d42b33041d5ea246fda08bc7a4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetOEMCP
VirtualAlloc
SetFilePointer
GlobalGetAtomNameA
GetDateFormatA
GetTimeFormatA
GetACP
GetLocaleInfoA
SetStdHandle
TlsAlloc
MultiByteToWideChar
EnumResourceNamesA
TlsSetValue
GetCPInfo
HeapSize
IsValidCodePage
TlsGetValue
CreateHardLinkA
WriteConsoleA
RtlUnwind
HeapReAlloc
GetConsoleOutputCP
RaiseException
shell32
SHGetFolderLocation
ShellExecuteExW
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
SHGetPathFromIDListW
SHGetFileInfoW
DragAcceptFiles
SHGetMalloc
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 78KB - Virtual size: 473KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ