Static task
static1
General
-
Target
Blali.exe
-
Size
34.8MB
-
MD5
59e8021cb011d6bfb79c980edc3a26b2
-
SHA1
88278b5a38f359e1452a77d518096cf035454e06
-
SHA256
3733084edb7e0f06aba108bf722f39b7e763455e185248349a969aaa6c44d3e0
-
SHA512
0b03cf7142d6fd44e365e356bc18d0b157c2ae140f80e853bd2d8df17d742626c27eb8fbde3c1da345cb997c71b6ad2536cb8f6155b705735d971b2dd69e0d7d
-
SSDEEP
786432:6vNalYOHfAzp1TgvIis52i5ZFYsT7Rd73++/d+zVj3O9wxQ:6vydH4zKVm2qfbTtdDej3OSa
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Blali.exe
Files
-
Blali.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 440KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 16B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ