40ac51119ca7b7368e4fb17cefdf116f

Sharing

Copy URL

Twitter E-mail

General

Target

40ac51119ca7b7368e4fb17cefdf116f
Size

513KB
MD5

40ac51119ca7b7368e4fb17cefdf116f
SHA1

1de63a684cf4cc16244ee84324a3ccdccddd29f6
SHA256

1e264427f7c65cbd64f21246b55ca4514d4cc4338b6e3199fe46aecce2a3e52d
SHA512

849a3b382c0ae137237b9db87dc074e5a7b63eb459a5c8f3a632a31ddb23e1ebee3bca6c4a59ae7767566ebaeca8b2c014aa084b44d654b97f726fee69d835a0
SSDEEP

12288:lerLI9oUx+YKy+T4ttjxy099y4ZWjJS4EgOXsRJ382pHof9ZvHKHA:lerLIe2j9rIjvJgf95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40ac51119ca7b7368e4fb17cefdf116f

Files

40ac51119ca7b7368e4fb17cefdf116f
.exe windows:4 windows x86 arch:x86

a11f6cb70dfbce8a8a0014f7cdc7e5f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
HeapDestroy
VirtualFree
CompareStringA
GetStringTypeW
FreeEnvironmentStringsA
HeapAlloc
LoadLibraryA
UnhandledExceptionFilter
SetHandleCount
CompareStringW
EnumTimeFormatsW
EnumSystemLocalesA
GetEnvironmentStrings
TlsGetValue
TlsSetValue
GetCurrentThread
GetUserDefaultLCID
GetVersionExA
DeleteCriticalSection
TlsAlloc
GetLocaleInfoA
HeapCreate
GetLocaleInfoW
GetOEMCP
InterlockedDecrement
WriteFile
GetTimeZoneInformation
GetProcAddress
FreeLibrary
GetTimeFormatA
HeapFree
GetTempFileNameA
GetLastError
OpenWaitableTimerA
InterlockedIncrement
VirtualQuery
SetEnvironmentVariableA
IsDebuggerPresent
SetUnhandledExceptionFilter
GetDateFormatA
IsValidCodePage
WideCharToMultiByte
GetStringTypeA
HeapReAlloc
SetConsoleCtrlHandler
ExitProcess
FreeEnvironmentStringsW
EnterCriticalSection
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LCMapStringW
GetModuleHandleA
GetStartupInfoA
IsValidLocale
LCMapStringA
GetCurrentThreadId
Sleep
HeapSize
GetFileType
GetStartupInfoW
GetCurrentProcessId
GetModuleFileNameA
LeaveCriticalSection
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetTickCount
InitializeCriticalSection
GetCommandLineA
GetProcessHeap
TlsFree
SetLastError
RtlUnwind
GetModuleFileNameW
GetSystemTimeAsFileTime
InterlockedExchange
MultiByteToWideChar
GetCPInfo
GetACP
GetStdHandle

comdlg32

PrintDlgW
FindTextW
PageSetupDlgW
ChooseFontA
ChooseFontW
ChooseColorA

advapi32

RegEnumKeyW
RegSaveKeyW

wininet

FtpFindFirstFileA
UnlockUrlCacheEntryFile
InternetQueryOptionA
FtpCommandW
InternetWriteFileExW
FindNextUrlCacheEntryExW
HttpQueryInfoA
DetectAutoProxyUrl
FindFirstUrlCacheEntryW

Sections

.text
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a11f6cb70dfbce8a8a0014f7cdc7e5f1

Headers

File Characteristics

Imports

kernel32

comdlg32

advapi32

wininet

Sections

.text Size: 225KB - Virtual size: 225KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 225KB - Virtual size: 225KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 6KB - Virtual size: 5KB