40859ca2036f030b321bd6f06b4b2eba

General

Target

40859ca2036f030b321bd6f06b4b2eba
Size

423KB
MD5

40859ca2036f030b321bd6f06b4b2eba
SHA1

3e3b7282df9e4257c65c57cfb6814c75fa451799
SHA256

12183783a3312aa3c485589b3c92f6c7ec6191a1085bfcb1a982855029fdc3de
SHA512

ee657c9733bd7dae2bc0109600277a201a9464bccf2f601acaecd283bf6b4493a2c4b377e25330693ad51ce2958bbe361a5f97bf6ad0e3bda729eb0a1c3282d4
SSDEEP

6144:ArH8o93hO7P6fBzQHwbPEsxvZwGxBEmYTfpfoUh7t5YKdKCd8J7:WcoptQHYsCvZwgBjOWKpd8N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40859ca2036f030b321bd6f06b4b2eba

Files

40859ca2036f030b321bd6f06b4b2eba
.exe windows:4 windows x86 arch:x86

aa4329535e50b52ae859788bdb2162b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
IsValidLocale
LCMapStringW
UnhandledExceptionFilter
GetProcAddress
LeaveCriticalSection
HeapReAlloc
WideCharToMultiByte
GetACP
GetUserDefaultLCID
GetCurrentProcessId
HeapAlloc
DeleteCriticalSection
GetLocaleInfoW
TlsAlloc
GetModuleHandleA
SetConsoleCtrlHandler
ConvertDefaultLocale
InitializeCriticalSection
Sleep
GetStartupInfoA
InterlockedIncrement
GetCommandLineA
InterlockedDecrement
SetHandleCount
CompareStringW
GetTimeFormatA
lstrcmpiW
SetFileAttributesA
ExitProcess
GetTickCount
MultiByteToWideChar
WriteFile
HeapFree
GetEnvironmentStringsW
GetModuleFileNameA
HeapDestroy
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStrings
VirtualAlloc
LocalUnlock
GetCPInfo
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetFileType
GetOEMCP
GetStringTypeA
TlsFree
GetDriveTypeW
LCMapStringA
GetCurrentThread
GetSystemTimeAsFileTime
GetLastError
FreeEnvironmentStringsA
GetConsoleTitleW
GetLocaleInfoA
GetProcessHeap
EnumSystemLocalesA
TlsSetValue
SetLastError
HeapSize
EnterCriticalSection
GetStdHandle
TlsGetValue
CompareStringA
IsValidCodePage
VirtualFree
GetStringTypeW
WriteConsoleOutputA
InterlockedExchange
GetVersionExA
GetTimeZoneInformation
GetDateFormatA
SetUnhandledExceptionFilter
FreeLibrary
FreeEnvironmentStringsW
SetEnvironmentVariableA
IsDebuggerPresent

wininet

SetUrlCacheConfigInfoW
FtpGetFileSize
InternetGetLastResponseInfoW
FtpOpenFileA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa4329535e50b52ae859788bdb2162b7

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 134KB - Virtual size: 134KB

.data Size: 275KB - Virtual size: 274KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 134KB - Virtual size: 134KB

.data
Size: 275KB - Virtual size: 274KB

.rsrc
Size: 13KB - Virtual size: 12KB