40da9df0fc64aa3e879d7e0aff8fe456a9c74c6531fce09467fc70867b77dc99

Sharing

Copy URL Twitter E-mail

General

Target

40da9df0fc64aa3e879d7e0aff8fe456a9c74c6531fce09467fc70867b77dc99
Size

1.7MB
MD5

f27f0009c93ff4108bb731e52a1570f8
SHA1

59c9d74e3c1222698629b488dd6ac6bb9f19b042
SHA256

40da9df0fc64aa3e879d7e0aff8fe456a9c74c6531fce09467fc70867b77dc99
SHA512

c9bfd65ad057abf0d13a4f3cbaf356b9ff526c81a3df8afdf38b4a9b1c91ba1bd69345b1654677a5bfb418c6b028cb153cce3ba4afd5ca99884a94ef1dbf5dc0
SSDEEP

24576:kg23ENFGDhoAphRI26gUBVJoerwnU+ZS53VZpvsfI:kg23Yj4hRI1Vqi1n53VPsfI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40da9df0fc64aa3e879d7e0aff8fe456a9c74c6531fce09467fc70867b77dc99

Files

40da9df0fc64aa3e879d7e0aff8fe456a9c74c6531fce09467fc70867b77dc99
.exe windows:4 windows x86 arch:x86

cbd52ce7b9d77d940eb7081b446b8935

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\work\hge_projects\hidden\casual2_final.pdb

Imports

hge

hgeCreate

kernel32

SetHandleCount
ExitThread
GetLastError
CreateMutexA
CloseHandle
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
SetThreadPriority
ResumeThread
SetEvent
CreateEventA
QueryPerformanceFrequency
OutputDebugStringA
SetEnvironmentVariableA
CompareStringW
CompareStringA
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateDirectoryA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
ReadFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CreateThread
GetFileType
DeleteCriticalSection
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
FatalAppExitA
VirtualAlloc
HeapReAlloc
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
GetLocaleInfoA
GetLocaleInfoW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
FlushFileBuffers
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile

user32

EnumWindows
SetForegroundWindow
IsIconic
ShowWindow
DefWindowProcA
MessageBoxA
DestroyWindow
CreateWindowExA
RegisterClassA
SendMessageTimeoutA
MsgWaitForMultipleObjects
SetWindowLongA
CallWindowProcA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

winmm

waveOutUnprepareHeader
waveOutPrepareHeader
waveOutOpen
waveOutClose
waveOutReset
waveOutWrite

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.textbss
Size: - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbd52ce7b9d77d940eb7081b446b8935

Headers

File Characteristics

PDB Paths

Imports

hge

kernel32

user32

shell32

winmm

ole32

Sections

.textbss Size: - Virtual size: 664KB

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 148KB - Virtual size: 144KB

.data Size: 92KB - Virtual size: 111KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 32KB - Virtual size: 30KB

.textbss
Size: - Virtual size: 664KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 148KB - Virtual size: 144KB

.data
Size: 92KB - Virtual size: 111KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 30KB