27603266be7833e70754950f5e6e3ff4 | Triage

Sharing

General

Target

27603266be7833e70754950f5e6e3ff4
Size

186KB
MD5

27603266be7833e70754950f5e6e3ff4
SHA1

b76e815a60be6328a0cf40fdbadf017e868017f8
SHA256

799f68557a96a989f734a4049cce6f79efb0cc846c3765c57ffa68b7df28e6d1
SHA512

43392f67db9fb7fb4c501c9760e155883c572e825ee68832821cde65510e8d374ebe4a959e97009e29cd2f0012ffaa2c3adc6a242b153094829d73a8147a4dc0
SSDEEP

3072:pTd/53vZS808YRGQ6ZDgvyjxnbf8yjt7ps5J+kKXzY7k/i4mOj4+vRm:bx3BbYMTZkvyjN5pls5+zYki4N9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27603266be7833e70754950f5e6e3ff4

Files

27603266be7833e70754950f5e6e3ff4
.exe windows:4 windows x86 arch:x86

cdbd3a78dc65fa33b15540720dfc6ce6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomW
FileTimeToSystemTime
InitializeCriticalSection
EnterCriticalSection
LoadLibraryW
WaitForSingleObject
OutputDebugStringA
CreateThread
LeaveCriticalSection
Sleep
ResetEvent
LoadLibraryA
EnumResourceNamesA
GetTempPathA
VerLanguageNameA
DeleteCriticalSection
IsDBCSLeadByte
GetTimeZoneInformation
GetFullPathNameA
GetFullPathNameW
GetProcAddress
lstrcpyA
GetTickCount
SetEvent
FreeLibrary

msimg32

AlphaBlend
TransparentBlt

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ