40a0ff36e52cd53ac15c308164e0b272 | Triage

Sharing

General

Target

40a0ff36e52cd53ac15c308164e0b272
Size

125KB
MD5

40a0ff36e52cd53ac15c308164e0b272
SHA1

54c57bf4d5f38d56e9b01ef7dafb4e9ed4861aa9
SHA256

786bd9d80f90e6b7d8afca8a92c229758444463152069af58db40bbe0bc78878
SHA512

6dc0c3d69d9a093b00bb8b670d7cb9fe76f3b144894713401faa0931d8261d4c9698a4c258aa08688eaabd5fc2b10cacc0fb9a98851da88d7c0f3112bf0be2ec
SSDEEP

3072:ErjS9FMpTlIdwcBI1x+Tiw/CLy5350V6OgOxxT+:ElRlg6x+O4CV6nV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a0ff36e52cd53ac15c308164e0b272

Files

40a0ff36e52cd53ac15c308164e0b272
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 41KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE