27c7c12b95bff9dce274f6d88516dafa1c4d79446ecadb4ed9386864f2338fec

Sharing

Copy URL Twitter E-mail

General

Target

27c7c12b95bff9dce274f6d88516dafa1c4d79446ecadb4ed9386864f2338fec
Size

1.3MB
MD5

cf83c781ff650a64e2fb9bbeeac84ab3
SHA1

c220f36cf14955908dc2d674672718d2b274eaa9
SHA256

27c7c12b95bff9dce274f6d88516dafa1c4d79446ecadb4ed9386864f2338fec
SHA512

21d9fd9c9294905553f0d7f194731c3f87f83c5346d4c9ab197596b1e9f760133a9cbfa6ed475178d340ee21113cc8e9172edf9704e4f0a177847b7784d754e9
SSDEEP

24576:O+Z4DNgo0Mx3bWbgS1/6F14Spq1CHPZOP9sxj6f1FjTqSJSzkodZ3fw:74DmjcrWbLQ14SI1GAVQj6f1hqSEbZ3o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27c7c12b95bff9dce274f6d88516dafa1c4d79446ecadb4ed9386864f2338fec

Files

27c7c12b95bff9dce274f6d88516dafa1c4d79446ecadb4ed9386864f2338fec
.exe windows x86

62b6edc657ece542b9c61fddfd79cb65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
LockResource
WideCharToMultiByte
SizeofResource
MultiByteToWideChar
GetVersionExA
FindResourceA
GetModuleHandleA
CreateProcessA
ReadFile
SetFilePointer
LCMapStringW
GetFileType
FlushFileBuffers
IsBadCodePtr
LCMapStringA
SetUnhandledExceptionFilter
LoadLibraryA
IsBadReadPtr
GetACP
GetCPInfo
GetOEMCP
VirtualAlloc
IsBadWritePtr
SetStdHandle
GetStringTypeW
GetStringTypeA
CreateFileA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
SetHandleCount
GetEnvironmentVariableA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
GetLastError
CloseHandle
GetProcAddress
SetEndOfFile
TerminateProcess
GetEnvironmentStringsW
WriteFile
HeapReAlloc
HeapAlloc
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA

user32

GetDlgItem
SetWindowPos
GetSystemMetrics
SetDlgItemTextA
LoadIconA
SetWindowTextA
EndDialog
SendMessageA
GetClassNameA
MessageBoxA
DialogBoxParamA
GetForegroundWindow
GetLastActivePopup
GetWindowThreadProcessId
IsIconic
SetForegroundWindow
ShowWindow
BringWindowToTop
GetWindowTextA
FindWindowExA
EnumWindows
EnumChildWindows

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62b6edc657ece542b9c61fddfd79cb65

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 350KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

Size: 60KB - Virtual size: 60KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 350KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB