1d18a5302a0207a245d5f9175bf7545a | Triage

Sharing

General

Target

1d18a5302a0207a245d5f9175bf7545a
Size

1.5MB
MD5

1d18a5302a0207a245d5f9175bf7545a
SHA1

73e9bec537d7121d1a08b22ace12a5508936091b
SHA256

7dd8bb56113f6c73344e258212bee5c4b6dec7518a94d7387e1bde84f5b652f8
SHA512

0de9467a559018ab6ae10c67318480e313693a5d184c666bb05070445b1d699edd5b86879482796c0934e024e294e6efe82334b2863f1ccae6a730d39adde596
SSDEEP

24576:tES1WYYLDvr+ZJWqxO8YFsZUhxvjdgij9gDc/XNV/tnwjbAEivW1i:CG4NFsyx7l5g2XLtnwvAhWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d18a5302a0207a245d5f9175bf7545a

Files

1d18a5302a0207a245d5f9175bf7545a
.exe windows:4 windows x86 arch:x86

283e7dcd71282cff782748d5286b4325

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
VirtualAlloc
GetFileAttributesA
GetModuleFileNameA
HeapAlloc
VirtualProtect
lstrcmpiA
GetTickCount
ResetEvent
GlobalUnlock
GetFileTime
FindFirstFileW
GetSystemTime
CreateMutexW
lstrcmpiW
CreateThread
FindClose
CreateProcessW
GetFileSize
HeapFree
GetUserDefaultUILanguage

user32

GetKeyState
CloseDesktop
FindWindowExA
DrawIcon
MsgWaitForMultipleObjects
GetClassNameA
CharLowerBuffA
EndDialog
ExitWindowsEx
GetWindowLongA
GetClipboardData
GetForegroundWindow
GetWindowThreadProcessId
GetIconInfo

advapi32

CryptAcquireContextW
CryptCreateHash
CryptGetHashParam
GetUserNameW
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
DuplicateTokenEx
CryptHashData
RegEnumKeyExA
RegQueryValueExA

shlwapi

PathCombineW
PathFindFileNameW
PathRemoveFileSpecW
StrStrW
wvnsprintfW
wvnsprintfA
StrCmpNIA
PathFileExistsW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE