027152c4859303ee1bc2efa06d2eed5d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

027152c4859303ee1bc2efa06d2eed5d
Size

56KB
MD5

027152c4859303ee1bc2efa06d2eed5d
SHA1

7a8ab286e381109b5bebc5cda13f2fe24fa54e36
SHA256

2c70c5853d238115a6951111f070c990f2926582a1fa5d6ee34ddc0baf501068
SHA512

ee8e634dcf2d9f1e7e38880bc1c9f3c857387dcc3c7452b26f7dab3cdcc7093d98f68a7567ef9372956035b38b27a656d4fc47f2d7accb57d25b4f9b276cbdd8
SSDEEP

768:gmF2FEAlKi7kFJlYCG+/B6Q2oJ02u12+svZN3qjEBKIhaoBhJohCw4O27roPxxfR:gmwt46DDgnqihJcuz7wxpCQilqsamNkb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
027152c4859303ee1bc2efa06d2eed5d

Files

027152c4859303ee1bc2efa06d2eed5d
.exe windows:4 windows x86 arch:x86

a09214805835320045d281eead38ec5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetMailslotInfo
SetStdHandle
SetConsoleOutputCP
GetConsoleInputWaitHandle
FormatMessageW
AllocateUserPhysicalPages
CreateRemoteThread
VDMOperationStarted
Process32NextW
DosPathToSessionPathA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE