bab2dcffdec80fc9835fd3604f1108b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bab2dcffdec80fc9835fd3604f1108b2
Size

537KB
MD5

bab2dcffdec80fc9835fd3604f1108b2
SHA1

a4191d4260c4b8e1bced49c24b05b8faf5a087bc
SHA256

23f34eff97a95a0c8bafdeefea50eadc036050d874dabaafb035ca2a8ed284ae
SHA512

21df8ca3cdad17a4a6b4facddf8b0e8d40b7082e6d272f564e9826c0e3d62242c7d8f6ba5269bbe2ffb19991f4a28e42622702a7a247b00a487e461a4c209deb
SSDEEP

6144:vbU7RiMxFvTDEPGbKOHbuE3mIF4gV1DMekORrdxbepHxagkx7KSbunTo:vo34EWCg/iHbepHxkxRynTo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bab2dcffdec80fc9835fd3604f1108b2

Files

bab2dcffdec80fc9835fd3604f1108b2
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\work\branches\1.3.d\Code\Bin\StarCraft II Editor.pdb

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.oli
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE