018a80401297909137fe478810d7e138 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

018a80401297909137fe478810d7e138
Size

30KB
MD5

018a80401297909137fe478810d7e138
SHA1

18a5c7e87a56e11a0742de48196f4859bd8acc7f
SHA256

4dc8a119ee550504758b81770538b228571eb9ad0f1a5507cc60e391a1195169
SHA512

c65b6572f798f9b11892fcd3fda0352f053a32977c326956eaf5095de739483cd064a025401e82895a1d3c869a111119ab5173f62733c7583ac55b606e668634
SSDEEP

768:29vHm21erbwM066Kz/Gksg57xEF5AqdY1O/odpR/QE0gLEPWAb0:29vX1erbwMpz+Jg5tEF5AqdYaqQWA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
018a80401297909137fe478810d7e138

Files

018a80401297909137fe478810d7e138
.exe windows:4 windows x86 arch:x86

6778123db7ed23aed11826c4a2277eef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
SetEnvironmentVariableA
GetCurrentThreadId
LoadLibraryExW
Sleep
SetLastError
CloseHandle
TerminateThread
GetConsoleMode
CreateFileA
FindResourceA
LocalFree
GetModuleHandleA
lstrlenW
GetStdHandle
HeapCreate
CreateMutexA
GetPriorityClass
TlsGetValue
ReleaseMutex

user32

GetDC
IsWindow
SetFocus
GetCaretPos
FillRect
GetIconInfo
CopyRect
CallWindowProcA
DrawMenuBar
DispatchMessageA
CheckRadioButton
GetDlgItem
DrawEdge

apphelp

SdbGetDatabaseID
SdbCloseDatabase
SdbFindNextTag
ApphelpCheckIME
SdbFindFirstTag

clbcatq

ComPlusMigrate

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ