Static task
static1
Behavioral task
behavioral1
Sample
27619b7664772f03dd4a4a7ff7b19627.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
27619b7664772f03dd4a4a7ff7b19627.exe
Resource
win10v2004-20231215-en
General
Target
27619b7664772f03dd4a4a7ff7b19627
Size
5KB
MD5
27619b7664772f03dd4a4a7ff7b19627
SHA1
498fa93605dfb34297ba8b46b223ded75c298b20
SHA256
0315e68dde3a9b0270c02c47331b38d160fc35f138377b542e5ac254bf1dea8e
SHA512
0f7c7e32ba69a0cf69503a0c98c5ce8e731a406d5565a459db2dc523f3caa5ea3110d661457cc80146f1bb9b31ebc8ed32fd9ecd76e579e68ae785e47e60f63c
SSDEEP
96:E+zAPjMPmR8Td0tyoUsyKXCvyG/RGhjw0ltn:EoqjD5yoHRCvyG/Rqs0lt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 27619b7664772f03dd4a4a7ff7b19627
Files
27619b7664772f03dd4a4a7ff7b19627.exe windows:4 windows x86 arch:x86
87d25609054d0d2e0cbcc44eaaf43d90
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyA
VirtualFree
FreeLibrary
DeleteFileA
WriteFile
WaitForSingleObject
CreateThread
ReadFile
CloseHandle
SetFilePointer
GetFileSize
ExitProcess
CreateFileA
GetProcAddress
LoadLibraryA
lstrcatA
GetTempPathA
VirtualAlloc
GetModuleFileNameA
GetModuleHandleA
user32
SendMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
PostQuitMessage
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 125B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE