27aa6024d44b48abae2b6b338f7c1eb029840c8f41a71cc960dbdbaecd204bd6 | Triage

Sharing

General

Target

27aa6024d44b48abae2b6b338f7c1eb029840c8f41a71cc960dbdbaecd204bd6
Size

1.6MB
MD5

93367a06275cc8ce728bf81076c35fb0
SHA1

8d5f8e52ccaf79a5f7557cab6b06500231f2e348
SHA256

27aa6024d44b48abae2b6b338f7c1eb029840c8f41a71cc960dbdbaecd204bd6
SHA512

9aa58ebe6f5744414c1c1d1eb6fe2e6c5d0ff264f9fa0751eeb0317aa96346bcd4a79ae4a2ce935b1c658b994f86039575831fa53ed4b50cdb9646edf1839757
SSDEEP

49152:ttTcgeldmL3Q/UCR6EvOHAKymj4Cu60FArtMecb:ggeLs3QjviAK/4C3rtcb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27aa6024d44b48abae2b6b338f7c1eb029840c8f41a71cc960dbdbaecd204bd6

Files

27aa6024d44b48abae2b6b338f7c1eb029840c8f41a71cc960dbdbaecd204bd6
.dll windows:5 windows x86

76985ac425391b548c9c9da6947e30f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

GetMappedFileNameW

kernel32

HeapReAlloc

advapi32

LsaFreeMemory

shell32

SHCreateDirectoryExW

winmm

timeGetTime

msvcrt

malloc

iphlpapi

GetInterfaceInfo

user32

GetWindow

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ