40301872f563c4e41215c0f768c13f13 | Triage

Sharing

General

Target

40301872f563c4e41215c0f768c13f13
Size

24KB
MD5

40301872f563c4e41215c0f768c13f13
SHA1

ac9626c01e388a4658fa76431f1d17418ccba19a
SHA256

d9c982d7eb048fc85898ef5a4b1044af5bfb484cc81c2e74a0fdb63a74b8191e
SHA512

d0012b9c0d2dac7c6a0389a1a5b0964d9af8a3a3408de37e7bd998f72e28d965f29d2aa5071341acae3d3f475d5a7e786cc0ff2b1cf9cf5ef01d73c4cefac8f1
SSDEEP

384:9/PA8JKFW/8AoWHcgR2lpaQFxH/f4kVdjaLacmkC0GJsJxXSdqWoZDEWA:lPA8JK/A9AaQFxfftjaLacmkLGKddm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40301872f563c4e41215c0f768c13f13

Files

40301872f563c4e41215c0f768c13f13
.exe windows:4 windows x86 arch:x86

5503260410daad8f1592c235f029ad38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
GetCurrentProcessId
Process32First
CreateToolhelp32Snapshot
WinExec
GetWindowsDirectoryA
CloseHandle
WriteFile
CreateFileA
GetProcAddress
LoadLibraryA
FreeLibrary
GetTickCount
GetTempPathA
GetSystemDirectoryA
Sleep
GetPrivateProfileStringA
lstrcatA
DeleteFileA

user32

GetMessageA
wsprintfA
MessageBoxA
TranslateMessage
DispatchMessageA

msvcrt

strrchr
_stricmp
atoi
_itoa
_except_handler3

netapi32

Netbios

Sections

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ