40fc350108ec270c28653c9dfca7ef66 | Triage

Sharing

General

Target

40fc350108ec270c28653c9dfca7ef66
Size

27KB
MD5

40fc350108ec270c28653c9dfca7ef66
SHA1

0e7d0fc8c1cab7109b455c0b5dfcf11edd3c76f4
SHA256

ed395d081cc63e7735da00e0ddb4176bd8fb85650b870a50df46fa84c40f1530
SHA512

4ecbf15e3e7757e1542dda0336c20ccdc01c8622ea635fd00d04795f91bb940219981ab7558f2e4526f465b96e9aef2bfd16431559ae5358c10da62ebb1b0952
SSDEEP

384:ns55ZBaIF+lVXH/VXFW+VoTVSAcuS4Bi8P/0SubBrWqk0qHW2U81MpWcywvSqEoY:niF+jPVXFWlSOSB8P8A0qSpVaqEohu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40fc350108ec270c28653c9dfca7ef66

Files

40fc350108ec270c28653c9dfca7ef66
.exe windows:4 windows x86 arch:x86

9534fcd0f693009c88102eb0630b67fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

HlinkNavigateString

Sections

CODE
Size: 18KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE