Static task: static1
Behavioral task: behavioral1
Sample: 18f1c754de08064655c98e01483d4b9b.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 18f1c754de08064655c98e01483d4b9b.exe
Resource: win10v2004-20231215-en
General
Target: 18f1c754de08064655c98e01483d4b9b
Size: 19KB
MD5: 18f1c754de08064655c98e01483d4b9b
SHA1: 99dd449077b4bbd9e9ee32580f185fa65b54bcff
SHA256: 6a2fd676f6ccc564026ae3e7901f4962790e4400775eb81d5d49c538c8158a76
SHA512: 564e4581108b517f95e8329581debdcda5b16d92edbf16e116633d98e06b7d41acdd9823d8132a05fa0673b61af66ddb1d7ea63000ac3ac92c7be5c0e6051267
SSDEEP: 384:YoxDwDY0Mu3yspgdhz08QwsqpLXh/nZWWgW:nDoY0MuiugbQ81swXx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 18f1c754de08064655c98e01483d4b9b
Files
18f1c754de08064655c98e01483d4b9b.exe windows:1 windows x86 arch:x86
4956a7a2427d242d80fc47053fe92b7d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
LoadStringA
wsprintfA
MessageBoxA
DestroyWindow
CharNextA
CreateWindowExA
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
kernel32
FreeLibrary
GetProcAddress
FormatMessageA
GetCommandLineA
SetErrorMode
LoadLibraryA
ord35
ord37
ExitProcess
GetModuleHandleA
GetStartupInfoA
ord36
GetLastError
lstrcpyA
gdi32
GetStockObject
shell32
ord122
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 734B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ