418c38c1a242368e0d52cb0f6a230be33ee707c8a9441632c5e1a7c6b6a01301N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

418c38c1a242368e0d52cb0f6a230be33ee707c8a9441632c5e1a7c6b6a01301N
Size

228KB
MD5

f8e2b792c857cabde9eadccc6dc93b50
SHA1

543e65ffc5e7c31f7e709e05b4733bcc1c7114f8
SHA256

418c38c1a242368e0d52cb0f6a230be33ee707c8a9441632c5e1a7c6b6a01301
SHA512

8e9b233c8be5d053d59e528d9bf4727c2a68e72130310dd820900b3af46c98d32507284160bac712a705474217cacd333e9417077f4600edcd5825ed83639d71
SSDEEP

3072:GvXSOxRr01qWxX6UtFACJZR/3dpnWpg/dJAVE4QS7YvDfOXjYLJ8GpJRLF4U1+Wj:GfS0MvtFtJZxTxisDOXm1J4NaEb6Xh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
418c38c1a242368e0d52cb0f6a230be33ee707c8a9441632c5e1a7c6b6a01301N

Files

418c38c1a242368e0d52cb0f6a230be33ee707c8a9441632c5e1a7c6b6a01301N
.exe windows:4 windows x86 arch:x86

187a750cc0ad165c2c2b5868caad310e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
DeleteCriticalSection
GetLocalTime
CreateFileA
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
CreateDirectoryW
DeleteFileW
ResetEvent
VirtualFree
VirtualAlloc
lstrcpyA
GetCurrentProcess
GetProfileStringW

user32

CharUpperBuffA
GetMessageTime
GetDlgCtrlID
KillTimer
GetSystemMenu
UnhookWindowsHookEx
GetMenuItemInfoW
GetWindowTextA
ScrollWindow
IsDialogMessageW
GetIconInfo
CheckDlgButton
CallNextHookEx
SendMessageTimeoutA
SetWindowTextA
DrawTextA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
memset
atoi
fclose
fwrite
fputs
fseek
fopen
free
malloc
_ftol
strcpy

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ