40366532f039c69131af936bae4bc399 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40366532f039c69131af936bae4bc399
Size

328KB
MD5

40366532f039c69131af936bae4bc399
SHA1

603cc6f54d9638bfdd8acb7450cb5abe55696156
SHA256

f0110aa61a05669441c15019214dc598172602f5126370f96c9f75918bfe7696
SHA512

057346dcec826855d3240f690d43b1a2ca873f69a5c78ebc7b5c86ce86c1055ee6d186b33913a296cce0257396b1b93cf5d8d67b6cd7a07aa2b87d91d1a93914
SSDEEP

6144:gMO9kbGyls4BRf5ULRYNd0D9p+G/i5lf9TFZM8/4tVRn911A:g79664Kad0ucA5JndkVRn9D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40366532f039c69131af936bae4bc399

Files

40366532f039c69131af936bae4bc399
.exe windows:4 windows x86 arch:x86

c2488b7632dbbffb82606152692981e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
memcmp

kernel32

LoadLibraryA
Heap32First
Sleep
VirtualAlloc
VirtualFree
VirtualProtect
GetProcAddress
GetEnvironmentVariableW
CreateFileA

user32

GetInputState

wininet

FtpPutFileA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ