40a44d00658e9f4394b58a3ed39d3360[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

40a44d00658e9f4394b58a3ed39d3360.exe
Size

640KB
MD5

40a44d00658e9f4394b58a3ed39d3360
SHA1

c6da93fae2adec271d430e4709a162d34b911d23
SHA256

4be4b17724142bdbe018efeb166887a53d5b7b0c319f0820b8268b691e75fbe0
SHA512

b03db87a7711960009afe7d0bf295adff9579b1b869d0f7a70892a4cac69632822f62e7e538281667fc6f933f8293d847a61c16979e40be232ef37c8893a684d
SSDEEP

12288:gUzNef3SBPjZZQOcPskdzM0DZdwPCrUQaoGFU3Q5QitdsOeg:gcNesdZCA6N3Q6itdsOeg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a44d00658e9f4394b58a3ed39d3360.exe

Files

40a44d00658e9f4394b58a3ed39d3360.exe
.exe windows:5 windows x86 arch:x86

cd09feae32ba8f2420f988451f2daed9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

sn.pdb

Imports

mscoree

StrongNameSignatureGenerationEx
StrongNameFreeBuffer
StrongNameTokenFromPublicKey
StrongNameSignatureVerificationEx
StrongNameKeyGen
StrongNameKeyGenEx
StrongNameGetPublicKey
StrongNameTokenFromAssemblyEx
StrongNameCompareAssemblies
StrongNameKeyInstall
GetRequestedRuntimeInfo
StrongNameKeyDelete
StrongNameErrorInfo

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_errno
_purecall
_CxxThrowException
strcpy_s
memmove
strchr
_wtoi
memcpy
sprintf_s
__CxxFrameHandler3
memset
_snwprintf_s
wcsncpy_s
_snprintf_s
wcscat_s
_vsnwprintf_s
wcscpy_s
_vsnprintf_s
wcschr

advapi32

CryptAcquireContextW
CryptAcquireContextA
RegQueryValueExW
RegDeleteValueW
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegDeleteKeyW
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyExW
RegOpenKeyExA
CryptGetUserKey
CryptExportKey
RegCloseKey

kernel32

CreateFileMappingA
CreateFileMappingW
LocalFree
LocalAlloc
FormatMessageA
FormatMessageW
TlsGetValue
InterlockedCompareExchange
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
InterlockedExchange
Sleep
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcessId
GetTickCount
CreateFileA
CloseHandle
SetLastError
GetLastError
GetFileSize
FreeLibrary
GetProcAddress
WriteFile
GetStdHandle
GetConsoleOutputCP
ReadFile
SetConsoleMode
GetConsoleMode
UnmapViewOfFile
MapViewOfFile
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExA
MultiByteToWideChar
GetCPInfo
GetModuleHandleA
WideCharToMultiByte
lstrlenW
TerminateProcess
GetCurrentProcess
LoadLibraryExA
LoadLibraryExW
GetModuleFileNameA
GetModuleFileNameW
CreateFileW
GetVersionExW
UnhandledExceptionFilter

crypt32

CertSetCertificateContextProperty
PFXImportCertStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertFreeCertificateContext
CryptQueryObject
CertCloseStore

user32

LoadStringW
LoadStringA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard

ole32

CoUninitialize
CoInitialize
CoCreateInstance

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 580KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd09feae32ba8f2420f988451f2daed9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

msvcr80

advapi32

kernel32

crypt32

user32

ole32

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 512B - Virtual size: 6KB

.rsrc Size: 580KB - Virtual size: 584KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 580KB - Virtual size: 584KB