40bf80b0700e23335a98cfe8994acb7b

Sharing

Copy URL Twitter E-mail

General

Target

40bf80b0700e23335a98cfe8994acb7b
Size

84KB
MD5

40bf80b0700e23335a98cfe8994acb7b
SHA1

3c0bbbcda56d03a111379ff306823eccf993d8c5
SHA256

22f18b36c128208cd6677582873227c34969aaf1369a52f08db07f9f5d414782
SHA512

f0fd29edd7c79b3f792db40ed1981f44d54ce8790e35ba3d3a30fedf6f245cc80414cad9c1899e041d26ee72f7761694120e2a731397ae8b05b973117acda278
SSDEEP

1536:VCHuTecjKdBgmPhIjDtVyxVRAOvURiNnF4fWv/P:wgayjZoli4NvX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40bf80b0700e23335a98cfe8994acb7b

Files

40bf80b0700e23335a98cfe8994acb7b
.exe windows:4 windows x86 arch:x86

7b7448d912e9fc3868caf843bb1c246a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
RegLoadKeyA
RegDeleteValueW
RegDeleteKeyA
RegQueryValueExA
RegDeleteKeyW
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumValueA
RegLoadKeyW
RegOpenKeyW
RegCreateKeyExA
RegEnumKeyExW
RegQueryValueW
RegOpenKeyA
RegEnumValueW
RegGetKeySecurity
RegQueryInfoKeyW
RegCreateKeyExW

gdi32

CancelDC
ExcludeClipRect
AddFontResourceExA
RestoreDC
AddFontResourceTracking
CreateSolidBrush
GetClipBox
AddFontResourceW
ClearBrushAttributes
ClearBitmapAttributes
CopyMetaFileA
GetPixel
GetPixel
GetBitmapBits
DeleteDC
GetCurrentPositionEx
ExtTextOutA
AddFontResourceA
BeginPath

kernel32

GetCommandLineA
GetDateFormatA
GetModuleFileNameA
GetModuleHandleA
lstrlenA
GetFileAttributesA
GetStdHandle
GetStringTypeW
HeapAlloc
WideCharToMultiByte
SetLastError
GlobalAlloc
GetLastError
GetFullPathNameA
GlobalFree
lstrcmpiA
lstrcmpA
lstrcpyA
GetFileType
GetFileSize

user32

GetWindowTextA
AppendMenuW
LoadCursorA
DrawTextW
GetCursor
DrawIconEx
BlockInput
DialogBoxParamA
InsertMenuA
DrawTextA
IsMenu
LoadMenuA
CreateIcon
GetFocus
GetMenu
CopyImage

comctl32

ImageList_LoadImageW
ImageList_DrawEx
ImageList_Create
ImageList_Destroy
ImageList_GetDragImage
ImageList_Draw
ImageList_AddMasked
ImageList_DrawIndirect
ImageList_GetImageRect
ImageList_GetIcon
ImageList_DragEnter
ImageList_Copy
InitCommonControls
ImageList_Merge
ImageList_Remove
ImageList_DragLeave
ImageList_LoadImage
ImageList_GetIconSize

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b7448d912e9fc3868caf843bb1c246a

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

comctl32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 64KB - Virtual size: 63KB

.rdata Size: 4KB - Virtual size: 113KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 64KB - Virtual size: 63KB

.rdata
Size: 4KB - Virtual size: 113KB

.rsrc
Size: 4KB - Virtual size: 2KB