18da1c7aae6971bd503a60818e2deb60 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18da1c7aae6971bd503a60818e2deb60
Size

717KB
MD5

18da1c7aae6971bd503a60818e2deb60
SHA1

934bdbc28ad7e74a5f19728e0ee36441d991b49f
SHA256

f449de7f83addaa342e09f15146372dd85afcea34c5ad3c7ef471ce6b824c89d
SHA512

1fbfde3f8874fad08818f84761db5ae2016f384e4413b51e054acdcb5944a2783878003ddb13eca5eca1a84dc54de92d57151188453834b2feda7324c28bcfa7
SSDEEP

12288:aUqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQ:ekyTyxnSN4XG00tsL+LQ8cswQwsYC3hQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18da1c7aae6971bd503a60818e2deb60

Files

18da1c7aae6971bd503a60818e2deb60
.exe windows:4 windows x86 arch:x86

e7d9cb148581eee45cb6dd96641ff309

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LoadLibraryExA
GetVersion
HeapWalk
InterlockedExchange
GetProfileIntA
VirtualProtect
TlsFree
ResetEvent
HeapReAlloc
GetModuleHandleA
CloseHandle
SetEvent
GetAtomNameA
lstrlenA
CompareFileTime
WaitForSingleObject
GetConsoleCP
FindAtomA
GetACP
GlobalUnlock

user32

LoadIconA
GetMenu
ScrollDC
SetSysColors
DialogBoxParamA
DispatchMessageA
GetSubMenu
TranslateMessage
DestroyMenu
GetParent
GetWindowTextA
GetKeyboardLayout
InsertMenuA
CopyRect
GetMenuStringA
PostMessageA
SetPropA
ShowWindow
InflateRect
MessageBoxA
EnableScrollBar
GetDlgItem
GetScrollRange
EqualRect
PostQuitMessage
GetWindowLongA
ModifyMenuA
UpdateWindow
SetWindowPos

msi

MsiGetMode
MsiDoActionA
MsiEnumClientsA
MsiEnumProductsA
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ