40cebc25397256c0bb95fcf99443042f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40cebc25397256c0bb95fcf99443042f
Size

20KB
MD5

40cebc25397256c0bb95fcf99443042f
SHA1

b3348dadbdf00ab71a1333795eb6387c77797294
SHA256

8241bb1d37cb4d3a4ed3fa07a3e7b342fdeb23e3289f5a0d179d5cd452171173
SHA512

78a35361e4e4d94054f4070e7883fc8745afd517bcfdfe5f8dce6fb9bb901500777ebae375946644b16c46a08a7a0261b3ae9d4372be3c66f99a9fb1e58f3684
SSDEEP

384:LMeMKe+jG7Emo2kq8/j0B4XJwVSIwQfgmK0KL/5FJIMjl0j:LM/KPjG73Z8IswHwmgmK0AxcBj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40cebc25397256c0bb95fcf99443042f

Files

40cebc25397256c0bb95fcf99443042f
.exe windows:4 windows x86 arch:x86

3d6b1dfb2ec392d3b35ea296efdcefa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
HeapReAlloc
GetVersion
CloseHandle
CompareFileTime
lstrlenA
GetModuleHandleA
GetStdHandle
HeapWalk
TlsFree
GetConsoleCP
GetAtomNameA
FindAtomA
WaitForSingleObject
InterlockedExchange
VirtualProtect
GetProfileIntA
LoadLibraryA
TlsGetValue
GlobalUnlock
GetTickCount

user32

CopyRect
LoadIconA
GetWindowTextA
EqualRect
GetKeyboardLayout
TranslateMessage
InsertMenuA
DispatchMessageA
ShowWindow
ModifyMenuA
SetWindowPos
GetDlgItem
DestroyMenu
InflateRect
CreateCaret
PaintDesktop
DialogBoxParamA
SubtractRect
UpdateWindow
GetMenuStringA
SetPropA
PostMessageA
MessageBoxA
GetMenu
EnableScrollBar

msi

MsiEnumProductsA
MsiEnumClientsA
MsiDoActionA
MsiGetMode
MsiCloseHandle

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ