18fb5f66d640d4d09bf3669b7dfd637e0877c170d9aa2d403ce0dfb50a7798b3[.]exe | Triage

Resubmissions

02/07/2023, 06:58

230702-hrwhvaah62 3

02/07/2023, 06:48

230702-hk9rwsca4y 3

Sharing

Copy URL Twitter E-mail

General

Target

18fb5f66d640d4d09bf3669b7dfd637e0877c170d9aa2d403ce0dfb50a7798b3.exe
Size

9.0MB
MD5

749ac3a3b4dccf3e21fc556146c576e7
SHA1

202ecaf95c96e8ada39d3afeed7c6950fde3af6e
SHA256

7ccde801d73132b788c532cd2eb05b92a56db588e140f51303516abe92d08a3d
SHA512

0718e076ecd548bd9734f61a670a21767d313836bfb31eb8f8c043c6cf0dbfaecd5e38bc8ac956d168c318c2ea425ef7505462a142b2143fedab26dd2254813e
SSDEEP

98304:mDsXAebvst6lNuHXFqzxsWoXOTWNfIek9AuuoF:mYQToD1oXOTWle96o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18fb5f66d640d4d09bf3669b7dfd637e0877c170d9aa2d403ce0dfb50a7798b3.exe

Files

18fb5f66d640d4d09bf3669b7dfd637e0877c170d9aa2d403ce0dfb50a7798b3.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 229KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ