40dae164a12ef43021c251c09a220a49

Sharing

Copy URL Twitter E-mail

General

Target

40dae164a12ef43021c251c09a220a49
Size

169KB
MD5

40dae164a12ef43021c251c09a220a49
SHA1

85556d3985d670e77473174f72e380bf7aec1a31
SHA256

bdd3f91844cb608e1e132ace535b828042a5d2d638931ff426e4bdbc61f43978
SHA512

4b7f770dc0b96fbd3241a32ede363a7541f93da7623ea1d7351b19bff57710f174ecbcb799b2364392247739a844862da185644ff1075e972efbe01d1d64624e
SSDEEP

3072:sfEnUz/dIPZ9EAwhTUmkOsAwZtJpAYkHMkqOdj2/si4G/dFiPTBMx1VzmiHS7i:ssUp2Z9EAwh+HvtjQskqOd6/qaFi7oR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40dae164a12ef43021c251c09a220a49

Files

40dae164a12ef43021c251c09a220a49
.exe windows:4 windows x86 arch:x86

135dea1bdfdf4398b099b9f2d169034d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateStaticFromData
PropVariantClear
CreateStreamOnHGlobal
CoRevokeClassObject
GetHGlobalFromStream
StgOpenStorage

user32

GetScrollPos
LoadKeyboardLayoutA
GetClientRect
DrawAnimatedRects
CharLowerA
GetClassInfoA
GetWindow
SetCursor
RemovePropA
ShowOwnedPopups
SetScrollPos
GetSysColor
GetClipboardData
SetClipboardData
GetWindowThreadProcessId
SetWindowPlacement
CreateWindowExA
TranslateMDISysAccel
SetWindowPos
LoadIconA
GetScrollInfo
EndPaint
GetCursorPos
SetMenuItemInfoA
DestroyWindow
SetWindowTextA
ChildWindowFromPoint
GetWindowLongW
GetSystemMetrics

comctl32

ImageList_GetBkColor
ImageList_Read
ImageList_Create
ImageList_Draw
ImageList_Add
ImageList_DragShowNolock
ImageList_Remove
ImageList_Destroy

version

GetFileVersionInfoSizeA

msvcrt

memset
tolower
strncmp
log
tan

kernel32

GetACP
GetCommandLineW
GetCPInfo
VirtualAlloc
lstrlenW
GetModuleHandleW
SetFilePointer
GetLocalTime
GetLastError
ResetEvent
ExitThread
LoadLibraryExA
GetCommandLineA
GetModuleHandleA
LoadLibraryA
lstrlenA
GetCurrentThreadId
ExitProcess
GetProcAddress

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

135dea1bdfdf4398b099b9f2d169034d

Headers

File Characteristics

Imports

ole32

user32

comctl32

version

msvcrt

kernel32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 1024B - Virtual size: 592B

.rdata Size: 11KB - Virtual size: 11KB

BSS Size: 69KB - Virtual size: 69KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 1024B - Virtual size: 592B

.rdata
Size: 11KB - Virtual size: 11KB

BSS
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 9KB - Virtual size: 9KB