27a3bc03a839e411e231b51e73bb639b

Sharing

Copy URL

Twitter E-mail

General

Target

27a3bc03a839e411e231b51e73bb639b
Size

130KB
MD5

27a3bc03a839e411e231b51e73bb639b
SHA1

4e6eb8096474c45c8f17c35db218b8b3592fe403
SHA256

cb9135a1aa03e9a53e04260ef8367f460b3600b104e5528b36c0faeb8c6a095a
SHA512

bc9fd531fddd04b0e59e9fc6c1c0b5e5b486e30abf3a4e4f1a995347806bf1cfe68afe521507dc098378f863773d28c696dfb000edc537ce3a6aa1acdbbcd54f
SSDEEP

3072:nq6EcbQogb8hBhghkuG7jRqbx4ETazeavW9cS6CDy:nq6E3QU3G7jRkRTaR+9cSTe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27a3bc03a839e411e231b51e73bb639b

Files

27a3bc03a839e411e231b51e73bb639b
.dll windows:4 windows x86 arch:x86

eeb99b9a615f00df2eff7d2106ab1077

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey

avicap32

capCreateCaptureWindowA

gdi32

DeleteObject

imm32

ImmReleaseContext

kernel32

lstrcatW
GetModuleHandleA
GetProcAddress
VirtualProtect

msvcrt

malloc

psapi

GetModuleFileNameExA

shell32

ShellExecuteA

shlwapi

StrCmpW

user32

ExitWindowsEx

winmm

waveInUnprepareHeader

ws2_32

listen

ole32

CreateStreamOnHGlobal

Exports

Exports

DoMainWork
DoService
ServiceMain

Sections

�h!��
Size: - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�(��
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�!��
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�e��
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eeb99b9a615f00df2eff7d2106ab1077

Headers

File Characteristics

Imports

advapi32

avicap32

gdi32

imm32

kernel32

msvcrt

psapi

shell32

shlwapi

user32

winmm

ws2_32

ole32

Exports

Exports

Sections

�h!�� Size: - Virtual size: 66KB

�(�� Size: - Virtual size: 7KB

��� Size: - Virtual size: 2KB

�!�� Size: - Virtual size: 4KB

���� Size: - Virtual size: 3KB

���� Size: - Virtual size: 4KB

���� Size: - Virtual size: 76KB

���� Size: 121KB - Virtual size: 120KB

�e�� Size: 512B - Virtual size: 100B

�h!��
Size: - Virtual size: 66KB

�(��
Size: - Virtual size: 7KB

��
Size: - Virtual size: 2KB

�!��
Size: - Virtual size: 4KB

��
Size: - Virtual size: 3KB

��
Size: - Virtual size: 4KB

��
Size: - Virtual size: 76KB

��
Size: 121KB - Virtual size: 120KB

�e��
Size: 512B - Virtual size: 100B