18b4870c4a5f7534aad92acf063f2d9a61253978f4737bb911140f0bf88b1027N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18b4870c4a5f7534aad92acf063f2d9a61253978f4737bb911140f0bf88b1027N
Size

161KB
MD5

fcad31dd9bc554020b04d29eedf1db70
SHA1

f100003a6df41691f5c287f0a0326cefd368a235
SHA256

18b4870c4a5f7534aad92acf063f2d9a61253978f4737bb911140f0bf88b1027
SHA512

e57307a1b9cb906d4c82fe3a02e9694cc424a4d16a1ca88be4715c51b3e98e03b1c57b2f23d242e3ec01091de50ed9d3bc4d216db93f9c9448650f30d0d5c5bc
SSDEEP

3072:sb34Z5vGa3cCLPFiSBeusuMVruQO1VR7CimnYqSsoqx0QOV6:sb3q5/lzgyeusBra1bCLnYbfpQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18b4870c4a5f7534aad92acf063f2d9a61253978f4737bb911140f0bf88b1027N

Files

18b4870c4a5f7534aad92acf063f2d9a61253978f4737bb911140f0bf88b1027N
.exe windows:4 windows x86 arch:x86

a3513d386cd9b5108abc806485c7ee93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetEnvironmentVariableW
FindClose
GetNextVDMCommand
SystemTimeToFileTime
SetCurrentDirectoryW
FileTimeToSystemTime
SetThreadPriority
FindResourceW
FindFirstFileW
SetErrorMode
CompareStringA
GetStringTypeW
EnumResourceNamesW
LocalFileTimeToFileTime
RegisterWaitForSingleObject
FindNextFileW
GetShortPathNameW
FileTimeToLocalFileTime
LoadResource
FreeLibrary
GetLocalTime
SearchPathW

user32

GetWindowInfo
GetCapture
ValidateRect
ReleaseCapture
SetCapture
InvalidateRgn
ExcludeUpdateRgn
ValidateRgn
GetUpdateRgn

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ