18789d6b2155e4755feb98b5629babb7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18789d6b2155e4755feb98b5629babb7
Size

72KB
MD5

18789d6b2155e4755feb98b5629babb7
SHA1

1e76a4b48299639cd6e2794ef4717876d66f0055
SHA256

368c201e22917c5a6391e19ff1efe6a404fa80d4dcf4954979c7d07c6f6373b6
SHA512

9e35ed92d69733291a673d93cb13b8c51e77a033367ccb74c40b18f1c116eae5b6e9b42c01afafb59c6dbca9b1f7e3b9419a251827e5016cd0d6e4253c732905
SSDEEP

1536:aytO7Y2Jl55zbHPVh+8/+bR+O0fk1zDjz2HfK:aytF2Jl55/Ld/gvuHfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18789d6b2155e4755feb98b5629babb7

Files

18789d6b2155e4755feb98b5629babb7
.exe windows:4 windows x86 arch:x86

8ca4c14094b26dfbe9f201bd16429421

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoFreeUnusedLibraries
CoResumeClassObjects
OleCreateLinkToFileEx
CoGetStdMarshalEx
CoDosDateTimeToFileTime
OleGetClipboard
OleNoteObjectVisible
OleGetIconOfFile
CoAddRefServerProcess
CoGetStandardMarshal

msvcrt

atol
bsearch
_ltow
__mb_cur_max
wcsncat
_strtime
_strlwr
_vsnprintf
__dllonexit
_stricmp

user32

UnionRect
RegisterClassA
CloseClipboard
IsZoomed
DeferWindowPos
UpdateWindow
SetClassLongA
SetForegroundWindow
InvalidateRect
GetParent

gdi32

SelectObject
BitBlt
RestoreDC
GetBkColor
Ellipse
CreatePen
CreateCompatibleDC
SetBkMode
CreateSolidBrush
Rectangle

kernel32

SetUnhandledExceptionFilter
MapViewOfFile
GetStringTypeA
CreateProcessA
QueryPerformanceCounter
OpenProcess
GetCurrentProcessId
LoadLibraryA
GetACP
HeapReAlloc
TerminateProcess

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ