40a017a9c2354277af76a524e3ac37f5

General

Target

40a017a9c2354277af76a524e3ac37f5
Size

182KB
MD5

40a017a9c2354277af76a524e3ac37f5
SHA1

9c58359d1a3068ffc481c1e6ebbc89d87d6d64ae
SHA256

15ff2d53ef70aeec60aabfba78c2c34ee0ce94c300b40bcd06c978abd35781d0
SHA512

b6b498f91baa68bc0ec5e72f06f1ff5176959d5455a8057839ae954750dec208c4048d0a788f674b2667e3322b4c47fe7d79ffd8c7fa6f62336bad20111c2804
SSDEEP

3072:CXiaMx7G7S6UUgQEQosuc3ql0nXTMS6n3x/Sd+sKTpahPCKaY37kgm:0ax7G7TdhF8crnXTMS6h/SwQhaKa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a017a9c2354277af76a524e3ac37f5

Files

40a017a9c2354277af76a524e3ac37f5
.dll windows:4 windows x86 arch:x86

8a5ea6bd31df0d9c7f48fed33c371045

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteCriticalSection
ExitProcess
FreeLibrary
GetACP
GetCommandLineA
GetFileType
GetLocaleInfoA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetStartupInfoA
GetStringTypeA
GetTimeZoneInformation
HeapAlloc
HeapCreate
HeapReAlloc
IsDebuggerPresent
MultiByteToWideChar
RtlUnwind
SearchPathA
SetConsoleCtrlHandler
SetLastError
SetThreadAffinityMask
SetUnhandledExceptionFilter
lstrcatA
lstrcpyA

user32

DefFrameProcA
DrawFrameControl
GetDlgCtrlID

winmm

timeGetTime
timeBeginPeriod

ole32

StringFromGUID2
CoFileTimeNow
CoCreateInstance
CLSIDFromString

advapi32

LookupAccountSidW
RegSaveKeyA
RegQueryMultipleValuesW
RegDeleteKeyW
QueryServiceObjectSecurity
PrivilegeCheck
LsaICLookupNames
AddAce
CryptGetKeyParam
EqualPrefixSid
GetAuditedPermissionsFromAclW
GetSecurityDescriptorLength
InitiateSystemShutdownExW

shlwapi

StrTrimA
StrStrIA
PathStripPathA
PathRenameExtensionA

Exports

Exports

EnumRelCamSettingNext
GetCDInfo
MemcpyFromArray

Sections

.text
Size: 119KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a5ea6bd31df0d9c7f48fed33c371045

Headers

File Characteristics

Imports

kernel32

user32

winmm

ole32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 119KB - Virtual size: 216KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 119KB - Virtual size: 216KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB