27675a4aa8dcf65f0ce2d51cb979694a

General

Target

27675a4aa8dcf65f0ce2d51cb979694a
Size

441KB
MD5

27675a4aa8dcf65f0ce2d51cb979694a
SHA1

f653bc732c89577efbe4b2324f0712742af9bb68
SHA256

9273d5b9be9f65dfe258f76a90146947ed8985479a9db09d635724965a4bcb80
SHA512

7161951a42372001799cf5f849a91e69ea30ce34a79dead5408790cbb4f6e00741b8e4a0c4c2cefb0bfa5165db10431356f02c163447f2d0fb036c0198040a5a
SSDEEP

6144:Vnjy9uWIXeBqpyCugbNCO3X1446TuSWqq6Sr7znYIeUnFoCNjXPu+:VjyBqpFugbNt3lQTWuSr7rYIpXP9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27675a4aa8dcf65f0ce2d51cb979694a

Files

27675a4aa8dcf65f0ce2d51cb979694a
.exe windows:4 windows x86 arch:x86

112a42a704606f474df4caec1382de2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsA
SetLastError
DeleteCriticalSection
RtlUnwind
HeapDestroy
CompareStringW
GetCurrentProcess
GetTimeFormatA
VirtualAlloc
TlsGetValue
SetEnvironmentVariableA
HeapReAlloc
GetStdHandle
CreateMutexA
GetStartupInfoA
GetCurrentThread
TlsFree
GetModuleFileNameA
GetEnvironmentStrings
HeapCreate
ExitProcess
GetLastError
GetVersionExA
IsBadWritePtr
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetCommandLineA
LCMapStringA
QueryPerformanceCounter
FillConsoleOutputCharacterA
VirtualProtect
GetFileTime
VirtualFree
GetCurrentThreadId
GetCPInfo
HeapAlloc
GetStringTypeW
HeapFree
WritePrivateProfileSectionW
TlsSetValue
GetCurrentProcessId
CompareStringA
HeapSize
GetUserDefaultLCID
WriteFile
IsValidLocale
GetACP
GetLocaleInfoW
InitializeCriticalSection
GetDateFormatA
MultiByteToWideChar
WideCharToMultiByte
CreateThread
EnterCriticalSection
GetModuleHandleA
GlobalFlags
GetFileType
GetLocalTime
GetLocaleInfoA
UnhandledExceptionFilter
GetTempPathW
SetFileAttributesA
FreeEnvironmentStringsW
IsValidCodePage
GetProcAddress
GetOEMCP
GetStringTypeA
EnumSystemLocalesA
SetHandleCount
InterlockedExchange
LCMapStringW
TerminateProcess
GetSystemInfo
VirtualQuery
LeaveCriticalSection
TlsAlloc
RemoveDirectoryW

advapi32

RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW

wininet

FtpGetCurrentDirectoryA
InternetTimeToSystemTimeA
FindNextUrlCacheContainerA
InternetSecurityProtocolToStringW
InternetErrorDlg
GopherGetLocatorTypeW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

112a42a704606f474df4caec1382de2f

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

Sections

.text Size: 158KB - Virtual size: 158KB

.data Size: 273KB - Virtual size: 296KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 158KB - Virtual size: 158KB

.data
Size: 273KB - Virtual size: 296KB

.rsrc
Size: 8KB - Virtual size: 8KB