Static task: static1
Behavioral task: behavioral1
Sample: 27653add97a3a8e4654ecd5cd29caf4e.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 27653add97a3a8e4654ecd5cd29caf4e.exe
Resource: win10v2004-20231215-en
General
Target: 27653add97a3a8e4654ecd5cd29caf4e
Size: 401KB
MD5: 27653add97a3a8e4654ecd5cd29caf4e
SHA1: e9dc74d1dea2cae79102a86f9979a310ff401584
SHA256: e9c0996cab223db88dcdc8b3052acae7d5f408360a2ae2d53c004df159170319
SHA512: 60cb6e4c1bfe1670b0835486e1f8e3a82fbe0576838fce38aae6359306fa85f400676660a034e5aa8331191b9fdf0ae5d194027b70670cf0325eb3270c94edcf
SSDEEP: 6144:hLvqgzrTFOHpmh3xVf0eu40s9qlTH0IZZoKFsH6G48sO1DK68hXr+J9trG:1q+p0pmh3xF0s94THtMKFs/+OeruXG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 27653add97a3a8e4654ecd5cd29caf4e
Files
27653add97a3a8e4654ecd5cd29caf4e.exe windows:4 windows x86 arch:x86
0a52afc19eda897357e0304dd1014889
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
IsDlgButtonChecked
EnumWindowStationsW
CheckDlgButton
GetWindowInfo
wsprintfW
EnableWindow
kernel32
AddLocalAlternateComputerNameA
CreateFileW
LoadLibraryExW
CreateProcessW
GetCommandLineA
SetFileAttributesW
GetSystemDirectoryW
GetCurrentThreadId
WaitForSingleObject
MoveFileExW
GetThreadContext
CreateDirectoryW
ExitProcess
CopyFileW
TerminateProcess
FileTimeToLocalFileTime
LocalAlloc
SetEvent
GetFileAttributesW
FileTimeToSystemTime
GetSystemTime
GetAtomNameW
LocalFree
CreateEventA
CreateThread
ResetEvent
GetModuleHandleW
wintrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
Sections
.text Size: 291KB - Virtual size: 290KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bomex Size: 4KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ