18ab2f9f7bf7197b613a045fedac1e4fc9dbdef5fff9f76e43f18c1c9e3aee1b | Triage

Sharing

General

Target

18ab2f9f7bf7197b613a045fedac1e4fc9dbdef5fff9f76e43f18c1c9e3aee1b
Size

2.3MB
MD5

ef1ed100d388c084ab209ec0849d4341
SHA1

522020c14c6d08ec616c13c4018230aefb6f967f
SHA256

18ab2f9f7bf7197b613a045fedac1e4fc9dbdef5fff9f76e43f18c1c9e3aee1b
SHA512

e0ce4250140de91df7df5c39dea122d5f16c79081fd5d022aeed939de11eedbcd0ca87025f7259f3c7b41ffda40395bbf98f654ecca40aa592b975ffe8b143f7
SSDEEP

49152:XkmKhyq24kI3qebVa00H4SDB1Coy2O+C7rPD9sCpmGYkX0yHX0xSijAwzX:XkmKEqlkAbkrx1bZ+7rPDBpmfkvXTijn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
18ab2f9f7bf7197b613a045fedac1e4fc9dbdef5fff9f76e43f18c1c9e3aee1b

Files

18ab2f9f7bf7197b613a045fedac1e4fc9dbdef5fff9f76e43f18c1c9e3aee1b
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 685KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cocszxkp
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ygrlplod
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE