7e18cf71134999ed95aef3497d84d41a | Triage

Sharing

General

Target

7e18cf71134999ed95aef3497d84d41a
Size

123KB
MD5

7e18cf71134999ed95aef3497d84d41a
SHA1

4f8fd45fa97c394ad6cd2b4eed42d92a84ed1ae0
SHA256

8918fce6154d72c4b444feaeca4568acb96c34cda064bcec57d4595b46d0e804
SHA512

a50e08fb87d4291ab42cb7ef4ac94e90dc256e1637b9e6a3d2f6b2e40513e17e0361844e18aaaaa58b4186de6c0b41e3a28a20bb718452e03a89b21d6e2c4b84
SSDEEP

3072:/l0oKuahw8OX5BTx0t+Ss7WGDrPfzIV7KCB:/ljahtOXB5SPWQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e18cf71134999ed95aef3497d84d41a

Files

7e18cf71134999ed95aef3497d84d41a
.exe windows:4 windows

0bd0865b865f329879049252950d375d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
GetNextVDMCommand
SetFirmwareEnvironmentVariableA
AddConsoleAliasA
Module32FirstW
GetProfileStringW
MoveFileExW
WriteFileEx
GetConsoleScreenBufferInfo
RegisterWowExec
GetProcessShutdownParameters

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ice
Size: 67KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE