18ecfa0e0661d3237f5c539bdb25c7bb7dd037bc9e6ca44f4fbf9ef3df8c595e

Sharing

Copy URL

Twitter E-mail

General

Target

18ecfa0e0661d3237f5c539bdb25c7bb7dd037bc9e6ca44f4fbf9ef3df8c595e
Size

241KB
MD5

3ca528e87629cc97d4a0897348dcd04c
SHA1

74e40303ef594745aa98ad4d20715c7357472d42
SHA256

18ecfa0e0661d3237f5c539bdb25c7bb7dd037bc9e6ca44f4fbf9ef3df8c595e
SHA512

150682f38b175cf1b2a2a016b5673e949bef87fbfa898fe35f4263fdbf7001602736eb6b5fca565740546ea43fad4353383a3be89008348d550df529c6d10395
SSDEEP

3072:BuYiiS8UBuk6CAeWBNhKOFG8TdqiL5K8Cm8tF:B1WokJAeWB/7GTFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18ecfa0e0661d3237f5c539bdb25c7bb7dd037bc9e6ca44f4fbf9ef3df8c595e

Files

18ecfa0e0661d3237f5c539bdb25c7bb7dd037bc9e6ca44f4fbf9ef3df8c595e
.exe windows:6 windows x86 arch:x86

3daf61fd4eb3d7240af442a5a1e94c39

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\code\ik-sdwan\win32\bin\Release\x86\ikuaiprotect.pdb

Imports

kernel32

GetCurrentProcess
GetModuleFileNameW
CreateFileW
GetCurrentThreadId
EnterCriticalSection
GetCurrentProcessId
LeaveCriticalSection
CloseHandle
TerminateProcess
WriteFile
FlushFileBuffers
ConnectNamedPipe
ReadFile
DisconnectNamedPipe
CreateNamedPipeW
GetCommandLineW
CreateFileA
GetLastError
CreateThread
GetTickCount
WaitForSingleObject
Sleep
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
InitializeCriticalSectionEx
DecodePointer
GetFileSizeEx
SetFilePointerEx
CreateDirectoryW
GetStringTypeW
GetCurrentThread
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
SetUnhandledExceptionFilter
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
WriteConsoleW
FindClose
IsDebuggerPresent
OutputDebugStringW
RaiseException
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetTimeZoneInformation
SetStdHandle
GetFileType
GetConsoleOutputCP
GetConsoleMode
MultiByteToWideChar
GetFileAttributesExW
WideCharToMultiByte

user32

MessageBoxW
wsprintfW

advapi32

LookupPrivilegeValueW
OpenProcessToken
OpenThreadToken
AdjustTokenPrivileges

shell32

ShellExecuteExW
CommandLineToArgvW

ole32

CoUninitialize
OleUninitialize
CoInitialize
OleInitialize

shlwapi

PathFindFileNameW
PathRemoveFileSpecW

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3daf61fd4eb3d7240af442a5a1e94c39

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

dbghelp

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 92KB - Virtual size: 92KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 92KB - Virtual size: 92KB

.reloc
Size: 5KB - Virtual size: 5KB