40776c58e14177edf86f34704c7dfd64977afe33fe6eb15af67c48727192dce4[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

40776c58e14177edf86f34704c7dfd64977afe33fe6eb15af67c48727192dce4.exe
Size

176KB
MD5

0af30a7eb44ccfd5632bce6dac15cdd9
SHA1

fe1eb7393be58456d9e2044200b4813d9d1f669d
SHA256

40776c58e14177edf86f34704c7dfd64977afe33fe6eb15af67c48727192dce4
SHA512

15790ecb6edc2a19f929cdde9ed82158a3a238c651156a1d2282bf5d6fda5838b39819830e5b1edea150feade96b9944bc39b83325736c2af3b71c1e36109d24
SSDEEP

3072:bRC/UmzULMWQzL8+j+Fegyht8y7dTMiT5NrAvLs0pne8gRQL:NPmAMWKo+S0rv8ytMsrAvIbRQL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40776c58e14177edf86f34704c7dfd64977afe33fe6eb15af67c48727192dce4.exe

Files

40776c58e14177edf86f34704c7dfd64977afe33fe6eb15af67c48727192dce4.exe
.exe windows:4 windows x86 arch:x86

8f65638efe1be3baf70d0082d6775691

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
WaitForMultipleObjectsEx
MulDiv
GetACP
ResetEvent
MultiByteToWideChar
FindFirstFileW
Sleep
WaitForSingleObject
InitializeCriticalSection
GetModuleHandleW
GetModuleFileNameA
GetThreadLocale
GetLastError
EnterCriticalSection
GetProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
InterlockedDecrement
FindClose
GlobalLock
FileTimeToSystemTime
GetVersionExW
FindFirstChangeNotificationW
InterlockedExchange
GetSystemTimeAsFileTime
CreateEventW
GetCurrentProcessId
FreeLibrary
EnumResourceTypesW
InterlockedIncrement
SetEvent
GlobalReAlloc
lstrcpynW
lstrlenW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetFullPathNameW
CreateThread
ExitProcess
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetProcAddress
GetLocaleInfoA
lstrlenA
CloseHandle
FileTimeToLocalFileTime
FindCloseChangeNotification
FindNextChangeNotification
GetDriveTypeW
GetVersionExA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragQueryFileW
SHGetDesktopFolder
SHGetFileInfoW

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

BringWindowToTop
DrawFocusRect
GetCursorPos
EnableWindow
SendMessageW
GetClientRect
GetDC
LoadCursorW
SetRectEmpty
GetWindowLongW
InflateRect
GetDesktopWindow
GetWindowRect
SetWindowLongW
ShowScrollBar
EqualRect
LoadImageW
GetParent
TrackPopupMenuEx
SetFocus
ReleaseCapture
ScreenToClient
FillRect
GetSysColor
ClientToScreen
CopyRect
IsRectEmpty
IntersectRect
SetRect
PostMessageW
KillTimer
OffsetRect
GetActiveWindow
UpdateWindow
SetCursor
GetSystemMetrics
FrameRect
GetSysColorBrush
FindWindowExW
CreatePopupMenu
IsWindow
IsWindowVisible
DrawTextW
UnionRect
ReleaseDC
DefWindowProcW
PtInRect
SetCapture
DestroyMenu
SetTimer
SetForegroundWindow
wsprintfW
InvalidateRect

ole32

OleUninitialize
CoCreateInstance
OleInitialize
CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoInitialize

advapi32

RegSetValueW
RegSetValueExW
RegCreateKeyW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f65638efe1be3baf70d0082d6775691

Headers

File Characteristics

Imports

kernel32

shell32

avifil32

user32

ole32

advapi32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 72KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 72KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 252KB