Static task
static1
Behavioral task
behavioral1
Sample
400f41e93202328dd9728d9c92105695b0d66aa002f4c80a0a52b0e0c5c0aba9.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
400f41e93202328dd9728d9c92105695b0d66aa002f4c80a0a52b0e0c5c0aba9.exe
Resource
win10v2004-20230915-en
General
-
Target
400f41e93202328dd9728d9c92105695b0d66aa002f4c80a0a52b0e0c5c0aba9
-
Size
2.6MB
-
MD5
a7fc0ba33cc3d037baec407c2d35e78c
-
SHA1
93c2c923aafeab81a8ee6b40f8b368c8f74dd85e
-
SHA256
400f41e93202328dd9728d9c92105695b0d66aa002f4c80a0a52b0e0c5c0aba9
-
SHA512
27c563e889eadc3b718d6c0ff2b3f8e03935ee6377f4ffd517ad2849431b19c46dd688e1a801245972d3d4a541d19260a769a1a82010682b9caa4c11ebedf7a8
-
SSDEEP
49152:ZhAF3WiuOPFXE414X1KkxmlRi4kcY2rdFnoTO+DBAA1Wm3Wfppppppppppp:CWi/tU414lKztrdQO+VA0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
The PE file carries no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.
resource 400f41e93202328dd9728d9c92105695b0d66aa002f4c80a0a52b0e0c5c0aba9
Files
-
400f41e93202328dd9728d9c92105695b0d66aa002f4c80a0a52b0e0c5c0aba9.exe windows:4 windows x86
5e6833dc2ee1ec5d632a38a6fe3c6912
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
oleaut32
SysFreeString
advapi32
RegQueryValueExA
user32
GetKeyboardType
msimg32
AlphaBlend
gdi32
WidenPath
version
VerQueryValueA
mpr
WNetGetConnectionA
olepro32
OleLoadPicture
ole32
CreateStreamOnHGlobal
comctl32
FlatSB_SetScrollPos
imm32
ImmGetCompositionStringW
shell32
Shell_NotifyIconA
winspool.drv
WritePrinter
comdlg32
PrintDlgA
wsock32
WSACleanup
netapi32
Netbios
gdiplus
GdipGetImageHeight
winmm
timeGetTime
sqlite3
sqlite3_bind_parameter_index
Sections
.text Size: 2.3MB - Virtual size: 10.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 220KB - Virtual size: 224KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE