1808b66a3f42fb32a771f7a4d4dd4969 | Triage

Sharing

General

Target

1808b66a3f42fb32a771f7a4d4dd4969
Size

32KB
MD5

1808b66a3f42fb32a771f7a4d4dd4969
SHA1

5d66e08de1afe16e52bcfd22281386a4825210b2
SHA256

9ae2cacb9782647f8c1b54bd7d72ec91c6b438b9b235b1f88513e70d1dc19a2d
SHA512

d99ed6bdf3d04fd7d0d918b9dc44ea8ad14e58e1fdd39a428e1817ce148bf8392fd4d635adcf3283562d997f74f641e38fc67858072c7cae752c789bcce26080
SSDEEP

768:lfDBjTPfbKGFHiUCaYNdGjAIjNgm6WLCdhq:pwMmN0MKVCdhq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1808b66a3f42fb32a771f7a4d4dd4969

Files

1808b66a3f42fb32a771f7a4d4dd4969
.exe windows:4 windows

ea1d6384f71ca191ce4d0c59b1294a4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

GetTempPathA
lstrlenA
CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateFileMappingA
CreateProcessA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetDriveTypeA
GetFileSize
GetLastError
GetModuleFileNameA
GetSystemDirectoryA
GetTempFileNameA
lstrcpynA
GlobalAlloc
GlobalFree
LoadLibraryA
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetFilePointer
UnmapViewOfFile
VirtualAlloc
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA

shlwapi

PathFindExtensionA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ