27fe61af914622d6aac9ea2e621c38cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27fe61af914622d6aac9ea2e621c38cd
Size

191KB
MD5

27fe61af914622d6aac9ea2e621c38cd
SHA1

f57a9ff5db1e14cee964e29641246d6f00837eeb
SHA256

e6c6a1b2dd5de4f6b63b2993a2ac6905355c48274038e60d296090a42b1e9469
SHA512

a2799c48d5fbc86d4fd5820cbb5282f4eb3b2a6ae8febb21a48f2933d0074a441f596b1e4c5f560ade934dd072502f6f250b45e29a472e755b72fea7f107bf30
SSDEEP

3072:zRyiAXI/VghWUBAdT4HvXooCeaUpYlPTNuArUSEEiYgzXRKCREu96i3H:4iC/vHCeaUpYp8ArUStOREyJ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27fe61af914622d6aac9ea2e621c38cd

Files

27fe61af914622d6aac9ea2e621c38cd
.exe windows:4 windows x86 arch:x86

d2ba98caa71a4b44bcb9bc7ad2bc3ab1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiberEx
GetShortPathNameW
SetCurrentDirectoryW
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetStringTypeW
LocalFree
FileTimeToSystemTime
SetThreadAffinityMask
FindClose
LocalAlloc
GetSystemDirectoryW
LoadResource
CompareStringA
EnumResourceNamesW
IsBadReadPtr
FindFirstFileW
GetOEMCP
GetLocalTime
SetThreadPriority
FreeLibrary
FindNextFileW
FindResourceW
LCMapStringW
SetErrorMode
SetEnvironmentVariableW
GetCurrentProcess
SearchPathW

user32

UpdateWindow
EnableWindow
RealGetWindowClassA
GetCapture
SetCapture
ValidateRect
DestroyWindow
IsWindowEnabled
IsWindow
ReleaseCapture
InvalidateRgn
ValidateRgn
FlashWindow
ExcludeUpdateRgn
GetUpdateRgn

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ