40d3c7668ece92e9d805675e94365ea0

Sharing

Copy URL

Twitter E-mail

General

Target

40d3c7668ece92e9d805675e94365ea0
Size

788KB
MD5

40d3c7668ece92e9d805675e94365ea0
SHA1

c366e4e95a862e94809c93a8847077fe54a80b27
SHA256

9d738179be00ff8e76ff30cb5ad535def6c2087a1d8958cc694a03f540042229
SHA512

57d93d2f11fe82ab35af3a39da2544bd6fdde7e12d5d72b259bb16966518b788de3331af6656b0cdc3e9ca00be29f0f13f898f606025f1fe0f0993f173fd332d
SSDEEP

12288:7IY80ASmy4p2a2eRfamhM2F19gINtuStm0pxft1tS8C:7IY8umT4a2eRfamh/F19duWpxft1t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40d3c7668ece92e9d805675e94365ea0

Files

40d3c7668ece92e9d805675e94365ea0
.exe windows:4 windows x86 arch:x86

35f0567a51746c5177af37c269269a77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
OpenServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
DeleteService
RegisterServiceCtrlHandlerA
CreateServiceA
QueryServiceStatus
RegDeleteValueA
SetServiceStatus
OpenSCManagerA
ControlService
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

SHFileOperationA

user32

wvsprintfA
wsprintfA

ws2_32

inet_ntoa
WSAStartup
inet_addr
htonl
WSARecv
WSASend
WSAGetLastError
WSAEnumNetworkEvents
htons
WSAEventSelect
connect
getsockname
shutdown
WSACleanup
bind
closesocket
gethostbyname
WSASocketA
listen
WSAWaitForMultipleEvents
accept
ioctlsocket
WSASetLastError
recv
send
ntohs

kernel32

GetCurrentDirectoryA
GetFullPathNameA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
GetDriveTypeA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
VirtualProtect
GetOEMCP
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
GetStringTypeA
RtlUnwind
SetStdHandle
FlushFileBuffers
FileTimeToDosDateTime
CreateFileA
GetFileSize
GlobalMemoryStatus
SetFilePointer
lstrlenA
VirtualQuery
GetSystemTimeAsFileTime
WriteFile
GetSystemInfo
GetModuleFileNameA
GetFileTime
OutputDebugStringA
CloseHandle
FileTimeToLocalFileTime
lstrcpyA
SetFileTime
ReadFile
GetLastError
MoveFileExA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
DeleteCriticalSection
WaitForSingleObject
SetEvent
Sleep
CreateEventA
InterlockedExchange
ResetEvent
InterlockedIncrement
GetCurrentThreadId
SystemTimeToFileTime
FileTimeToSystemTime
FindFirstFileA
FindClose
FindNextFileA
GetFileAttributesA
CreateDirectoryA
CompareFileTime
SleepEx
WaitForSingleObjectEx
GetCurrentProcess
GetCurrentThread
QueueUserAPC
SetConsoleCtrlHandler
OpenEventA
DuplicateHandle
GetVersionExA
GlobalAlloc
CreateProcessA
TerminateProcess
GlobalFree
CreatePipe
SetLastError
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
FreeLibrary
GetProcAddress
LoadLibraryA
FlushConsoleInputBuffer
GetStdHandle
ExitThread
CreateThread
GetModuleHandleA
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
UnhandledExceptionFilter
HeapSize
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

Sections

.text
Size: 580KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

35f0567a51746c5177af37c269269a77

Headers

File Characteristics

Imports

advapi32

shell32

user32

ws2_32

kernel32

Sections

.text Size: 580KB - Virtual size: 576KB

.rdata Size: 140KB - Virtual size: 138KB

.data Size: 64KB - Virtual size: 79KB

.text
Size: 580KB - Virtual size: 576KB

.rdata
Size: 140KB - Virtual size: 138KB

.data
Size: 64KB - Virtual size: 79KB