Static task
static1
Behavioral task
behavioral1
Sample
b040c6ebe2747d444f6a37252aad980d33d932651866624695fc8699985e1004.exe
Resource
win7-20230712-en
General
-
Target
b040c6ebe2747d444f6a37252aad980d33d932651866624695fc8699985e1004
-
Size
2.3MB
-
MD5
25b43f92f8eb1d1b10400a12f1dccf6a
-
SHA1
8e1d40f6b8c803fb2c18170ca861a467923e74f4
-
SHA256
b040c6ebe2747d444f6a37252aad980d33d932651866624695fc8699985e1004
-
SHA512
763c14942e0f2ee4ef25d73c76f906a395ef33b30b5f640ee5cd377737d84c7fc3bdf6705c41025e1d3584aac66ce4cd8a14af72781c824c538ca52b4220858d
-
SSDEEP
49152:Hr+wimbwXlPHS76Nxx+/46esFrrCHNQP2uVOYM/dpWBW:Hr+wimcVy7F/fTrrCHmP2qOr/dpWBW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
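Checks for a missing Authenticode signature; the PE listed below is unsigned, which on its own is a weak indicator because many legitimate binaries are unsigned too.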
resource b040c6ebe2747d444f6a37252aad980d33d932651866624695fc8699985e1004
Files
-
b040c6ebe2747d444f6a37252aad980d33d932651866624695fc8699985e1004.exe windows x86
72d77f07367a26d5037afd50ff4a76ec
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FlushFileBuffers
user32
GetTopWindow
ole32
CoCreateInstance
gdi32
ExtTextOutA
advapi32
RegCloseKey
shell32
SHGetFileInfoA
winspool.drv
ClosePrinter
comctl32
ord17
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
Sections
.text Size: 500KB - Virtual size: 712KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 904KB - Virtual size: 904KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ