0271227f866f0d2e4ceda9ad7f5a3e11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0271227f866f0d2e4ceda9ad7f5a3e11
Size

234KB
MD5

0271227f866f0d2e4ceda9ad7f5a3e11
SHA1

6fc488a87827cce543d9f34656b14902dbe357f3
SHA256

13c825bb1ca0ccdeefedf95ddc295a4eb7805f34b1e755d630aa81268a12ab01
SHA512

2b35775d78f7e2d2435b1b6c03f175add56d3608f15b9f438416e7fa49fa9a3428105b58ac59ec3c76075450e30c99c936a888f583bd60268c93aa26fb38f594
SSDEEP

6144:XvHJDvBDFShDKv8f5emQ3CcqNr9eEGeRHtdLDKih:fpDvBDFeDKkfE3Cp19eE/NJKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0271227f866f0d2e4ceda9ad7f5a3e11

Files

0271227f866f0d2e4ceda9ad7f5a3e11
.exe windows:4 windows x86 arch:x86

dcaeaf7122583994049131cf7283bc9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoReleaseMarshalData
CLSIDFromProgID

kernel32

GetModuleHandleA
DeleteFileA
GetCommandLineW
IsBadReadPtr
lstrlenA
GetACP
LockResource
LoadLibraryA
GetModuleHandleW
GetVersion
ExitProcess
GetThreadLocale
GetLastError
GetTickCount
GetProcAddress
GetCommandLineA
LoadLibraryExA
VirtualAllocEx
GetStringTypeA

advapi32

RegOpenKeyA
RegQueryValueExA

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 530B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ