ba8f12df79757d8593ca024ce6ebd3b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba8f12df79757d8593ca024ce6ebd3b8
Size

861KB
MD5

ba8f12df79757d8593ca024ce6ebd3b8
SHA1

0298aa09f0ca55492dce088b153bf009ea8bcecb
SHA256

8d636a08613a813525718e207c2decbbc98327b5a654323700f607db881e5a59
SHA512

c976108799e07c550495c40f16e0111a0b783b60532299e6fe98627f8134bc859a77a55fb91667e9532898e60828086f60710472b803795c2f4ef994b040868b
SSDEEP

24576:klO9Cj/Roeo2uP39jX0DBLnTT39jX0DBLnTWoIPo:klO9uRoeoDvtmLvtmLqo6o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba8f12df79757d8593ca024ce6ebd3b8

Files

ba8f12df79757d8593ca024ce6ebd3b8
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\franklin\AppData\Roaming\Yonetim\obj\Debug\Eczane Yönetim Sistemi.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 858KB - Virtual size: 857KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ