277f03d2b612a0913054260f3649d34a

General

Target

277f03d2b612a0913054260f3649d34a
Size

48KB
MD5

277f03d2b612a0913054260f3649d34a
SHA1

38c9467f8e0e8c21aff7da52f5474e5993278f46
SHA256

07c7695e38c4f845ad271b06841b439d5cbb2c71553832ab5394f06cfcf348c3
SHA512

becfc8323cb058df4048e116f37f965ce8d5bbf5c365dcc29ffd61583a825dd598558ad142f610c63d191a8fc9a1090cdd052b79c0f151ad38a1bb802685d2ac
SSDEEP

768:HZrgmNdlbfzeiLnJlFLYbQiP4JFNhCoX97h2PvMw4LyIR3TeGrZVcBquwidcH:5z3lbfzpLnJlubdP4JFNw2TzBTeGNVGO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
277f03d2b612a0913054260f3649d34a

Files

277f03d2b612a0913054260f3649d34a
.exe windows:5 windows x86 arch:x86

647de1333468911091fffed337c3f907

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

SNB_UserUnmarshal
HGLOBAL_UserMarshal
CoGetMarshalSizeMax
OleCreateLink
CreateStreamOnHGlobal
ReadClassStm
OleQueryCreateFromData
UtGetDvtd16Info
ComPs_NdrDllUnregisterProxy
CLIPFORMAT_UserMarshal
CoInitializeWOW
CoFreeLibrary
HMETAFILE_UserUnmarshal
HMENU_UserMarshal
CoGetApartmentID

kernel32

Thread32First
LZCreateFileW
SetComputerNameA
ExpungeConsoleCommandHistoryW
GlobalAlloc
CompareFileTime
GetSystemTimeAsFileTime
IsValidLocale
LoadLibraryA
LCMapStringA
SetDefaultCommConfigW
GetProcAddress
TryEnterCriticalSection
GetACP
DeleteFileW
SetLocaleInfoW
FatalAppExitA
SetEnvironmentVariableA
WriteFileEx
Heap32First
EnumSystemLocalesA

advapi32

RegEnumValueA
SetSecurityDescriptorOwner
SaferCloseLevel
DuplicateToken
SystemFunction036

msi

MsiViewGetErrorA
MsiSummaryInfoGetPropertyA
MsiEnumFeaturesA
MsiEnumComponentCostsA
MsiGetUserInfoW
MsiOpenPackageW
MsiQueryFeatureStateFromDescriptorA
MsiEnumRelatedProductsW
MsiLocateComponentA
MsiReinstallFeatureA

esent

JetRetrieveColumn@32
JetAddColumn
JetResetTableSequential
JetSetCurrentIndex3
JetRetrieveColumns
JetDelete

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

647de1333468911091fffed337c3f907

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

advapi32

msi

esent

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 5KB