18afa3f2dc3c9144dbec7e27b8b5349fe5fd381ab64b04d8657a37660cb1ca29N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18afa3f2dc3c9144dbec7e27b8b5349fe5fd381ab64b04d8657a37660cb1ca29N
Size

56KB
MD5

189950d9205a092db28a93216c2789b0
SHA1

64662b2720a7df30b9c5ba107a80aa9ceef6c298
SHA256

18afa3f2dc3c9144dbec7e27b8b5349fe5fd381ab64b04d8657a37660cb1ca29
SHA512

886f53ee561fe2e2381d53bd86807505f9125c008d25da8a2c31aecf1552f15c0569ef2a7ec01155b3e1dfe7570cf0346beff881a516135a05f729c4e7bc9b3d
SSDEEP

1536:NzARiY+RF180eSF9UAO/BgkZxqoyTPcR1AB8O:NzAkY+SODO7S5TUYj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18afa3f2dc3c9144dbec7e27b8b5349fe5fd381ab64b04d8657a37660cb1ca29N

Files

18afa3f2dc3c9144dbec7e27b8b5349fe5fd381ab64b04d8657a37660cb1ca29N
.exe windows:4 windows x86 arch:x86

5d7f1012e53d43946b07ce07c712163b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugBreak
CreateFileMappingA
IsProcessorFeaturePresent
SetDefaultCommConfigW
GetModuleHandleW
VirtualUnlock
WriteProfileSectionW
GetLocaleInfoW
QueryInformationJobObject
WritePrivateProfileSectionA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE