c27e5aedcc71f74e61ad50d87a8fa9c9beac5e60bf8b5de1f45aff2ea198c6ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c27e5aedcc71f74e61ad50d87a8fa9c9beac5e60bf8b5de1f45aff2ea198c6ee
Size

8.2MB
MD5

ba74fb8890acb2193af197837655a1ec
SHA1

e45af98af60fa461cbac9ba050db30c7a41e27fe
SHA256

c27e5aedcc71f74e61ad50d87a8fa9c9beac5e60bf8b5de1f45aff2ea198c6ee
SHA512

e8edc6fb13f76c79b1140d27219990261569af7c9fb429ba103c6d5b366c774b8cf5cfd2645299938c0a38dd74900209291000083c10c97e9c1a7a5642d68ece
SSDEEP

196608:5hoZdIjp3e7oQmzIo8T9h6BF0wzGLMjkis84HG4:EEjpLhOh630wGskis

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c27e5aedcc71f74e61ad50d87a8fa9c9beac5e60bf8b5de1f45aff2ea198c6ee

Files

c27e5aedcc71f74e61ad50d87a8fa9c9beac5e60bf8b5de1f45aff2ea198c6ee
.exe windows:4 windows x86 arch:x86

def9eac3e7d12dbf4d487d0ae547724c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetForegroundWindow

gdi32

GetTextMetricsA

winmm

midiOutReset

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantCopyInd

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

GetFileTitleA

Sections

.text
Size: 7.7MB - Virtual size: 23.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 429KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE