40f400c0c06ea30eae7eafe9de889d47be49f8708c80ce0f2638f04518d85cfdN | Triage

Sharing

General

Target

40f400c0c06ea30eae7eafe9de889d47be49f8708c80ce0f2638f04518d85cfdN
Size

1.8MB
MD5

bad9c7c6be38714c1bce8358443dc8c0
SHA1

33bfdc39b77d7e5a570b37c6d181a54c768d6cec
SHA256

40f400c0c06ea30eae7eafe9de889d47be49f8708c80ce0f2638f04518d85cfd
SHA512

a7989113c9fa9860317366b13abee49846d0c74e57ff7da1e779a17b863d3aaca1774ed88f593fe94b4a3592ecb86020ab647fcb59bd467f8ee25d4e4ad1ff69
SSDEEP

24576:njk+tCFXNmk3tnHK5DxLRNcdVpMFPBjSbPr/DJJcKCLQ8fcSyOoTY/zFSJILSeSf:jk+tC19nqDYdV8PtSLgQTY/ha+SvH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
40f400c0c06ea30eae7eafe9de889d47be49f8708c80ce0f2638f04518d85cfdN

Files

40f400c0c06ea30eae7eafe9de889d47be49f8708c80ce0f2638f04518d85cfdN
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tandfqxt
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fagafpdt
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE