40e2351306a02f6d73b227200377110b

General

Target

40e2351306a02f6d73b227200377110b
Size

36KB
MD5

40e2351306a02f6d73b227200377110b
SHA1

26934b6be7427ba00d760e943440b5b420c5900b
SHA256

c61183cefaf8f33a33f3fc41af77e3af3b64d89b9efc23437171e553d8e57e58
SHA512

efa61ea09cf9b9214dcc62c3a0a65eb1e864a27cbdbd0b847d7a0356ad21ec7b4fc36677d8e4b826dc400e44a59d796b9bc270a99fb2f6e0ebd17cbe7ad79511
SSDEEP

768:UMqGoZXwmXrplVv925htcHITD4Ph9evMcfeyMpvEmCU/aI9WTRybLuW70R:UMmZJXrFv925hN4ZEkcmyMdaNTmBW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40e2351306a02f6d73b227200377110b

Files

40e2351306a02f6d73b227200377110b
.exe windows:3 windows x86 arch:x86

9e3ffc9c04b13d1d25caecaff04716de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwDeviceIoControlFile
NtCreateProcess
ZwCreateNamedPipeFile
RtlSetCriticalSectionSpinCount
RtlGetSetBootStatusData
RtlIpv4StringToAddressW
RtlAreAllAccessesGranted
NtAllocateVirtualMemory
LdrDestroyOutOfProcessImage
RtlClearAllBits
RtlIpv4StringToAddressExA

kernel32

LoadLibraryW
MulDiv
GetModuleFileNameA
lstrcmpA
CopyFileExW
GetTempPathA
AddAtomA
lstrcpy
CreateMutexA
lstrlenW
SetEvent
DuplicateHandle
lstrcat
GetVersion

user32

IsIconic
InsertMenuItemW
PeekMessageA
GetClassLongW
IsMenu
CreateDialogParamW
SetScrollInfo
SendMessageW
DrawIcon
SetWindowTextA
GetClassInfoW
GetWindowTextA
IsChild
SetCapture

gdi32

SelectObject
SetTextColor
GetBitmapBits

advapi32

RegRestoreKeyA
RegDeleteKeyW

comdlg32

GetFileTitleA

shell32

StrChrIA

ole32

CoGetClassVersion
CoGetClassObject

version

VerFindFileA
GetFileVersionInfoA
VerInstallFileW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e3ffc9c04b13d1d25caecaff04716de

Headers

File Characteristics

Imports

ntdll

kernel32

user32

gdi32

advapi32

comdlg32

shell32

ole32

version

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 6KB - Virtual size: 5KB