27aa1047693d5c5c1828fac4c699864a

Sharing

Copy URL

Twitter E-mail

General

Target

27aa1047693d5c5c1828fac4c699864a
Size

553KB
MD5

27aa1047693d5c5c1828fac4c699864a
SHA1

4033d94dd85c6399b42a5bfd7f51cc8740af88f2
SHA256

73e03cffe0f816f4ca05050b79fbea61adb2787ab562e132aa82e2d0bba73644
SHA512

1ddbab33758b14273714617e1514099b813e8bddebdf3457de66baf170ae68bc62665539bdedaace586ad47905ae8c9c6b04c8af7bba93bb540b3a12cbd3e1b8
SSDEEP

12288:MsUrLqSTm0j4DnOR/xgELxZjrOqzsa402KDmSNQd8:MsUaUm0j4D18Zjr/zsaGKD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27aa1047693d5c5c1828fac4c699864a

Files

27aa1047693d5c5c1828fac4c699864a
.exe windows:4 windows x86 arch:x86

113dc133e83164ec96fcc2049849798e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetDefaultProviderW
LookupAccountSidA
RevertToSelf
CryptCreateHash
GetUserNameW
AbortSystemShutdownW
RegConnectRegistryW
RegOpenKeyA
CryptGetHashParam
InitializeSecurityDescriptor
CryptAcquireContextW
CryptGetUserKey
CryptEnumProvidersA
RegSetValueExW
CryptHashSessionKey
LookupSecurityDescriptorPartsA
CryptGenKey
RegQueryMultipleValuesA
RegSaveKeyW
CryptAcquireContextA
StartServiceA
RegOpenKeyExA

user32

ShowCaret
DrawFrameControl
RegisterClassExA
MapVirtualKeyA
DestroyWindow
IsZoomed
EndPaint
GetKeyboardLayoutNameA
ChangeDisplaySettingsA
GetParent
ShowCursor
DefFrameProcW
EnumPropsA
RegisterClassA
EnumDisplaySettingsA
MonitorFromWindow
GetDlgItemInt
DdeInitializeA
IsRectEmpty

comctl32

InitCommonControlsEx

kernel32

GetVersionExA
FreeEnvironmentStringsA
GetCPInfo
IsDebuggerPresent
SetEnvironmentVariableA
SetEnvironmentVariableW
VirtualQuery
CompareStringW
GetAtomNameA
TerminateProcess
InterlockedIncrement
HeapDestroy
GetTickCount
GetStdHandle
LoadLibraryA
FreeLibrary
VirtualFree
WriteFile
CompareStringA
GetTimeZoneInformation
GetCurrentProcessId
IsValidLocale
HeapAlloc
FillConsoleOutputCharacterW
SetCurrentDirectoryA
LeaveCriticalSection
SetLocalTime
GetEnvironmentStringsW
Sleep
LCMapStringA
GetOEMCP
UnhandledExceptionFilter
SetConsoleCtrlHandler
GetFileAttributesExA
GetSystemDefaultLCID
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
TlsAlloc
HeapReAlloc
InterlockedExchange
TlsGetValue
SetFilePointer
VirtualAlloc
GetLocaleInfoW
LocalReAlloc
FormatMessageA
GetLocaleInfoA
HeapFree
lstrcpynA
FlushFileBuffers
CreateMutexA
TlsFree
HeapSize
EnterCriticalSection
TlsSetValue
EnumCalendarInfoA
GetCommandLineA
IsBadWritePtr
GetStartupInfoA
GetCurrentProcess
OpenMutexA
GetUserDefaultLCID
LocalUnlock
SetUnhandledExceptionFilter
SetStdHandle
WriteConsoleW
GetProcessAffinityMask
CloseHandle
SetFileAttributesW
InterlockedDecrement
InitializeCriticalSection
GetCurrentThreadId
DeleteCriticalSection
WriteConsoleOutputA
HeapCreate
GetConsoleCP
GetProcessHeap
QueryPerformanceCounter
ExitProcess
SetHandleCount
GetACP
ReadFile
RtlUnwind
GetPriorityClass
GetStringTypeA
OpenFileMappingW
GetFileType
GetProcAddress
GetSystemTimeAsFileTime
CreateRemoteThread
EnumSystemLocalesA
GetLastError
GetConsoleMode
GetModuleFileNameA
CreateFileA
WideCharToMultiByte
GetModuleHandleA
WriteConsoleA
GetCurrentThread
IsValidCodePage
SetLastError
GetStringTypeW
GetTimeFormatA
GetDateFormatA
LCMapStringW
GetConsoleOutputCP
GetNumberFormatW

gdi32

EnumICMProfilesA
ExtFloodFill
CreateScalableFontResourceA
SetBkMode
EnableEUDC
GetTextExtentPoint32A
DeleteEnhMetaFile
CreateEllipticRgnIndirect
GetMapMode
BitBlt
ScaleWindowExtEx
ExtTextOutA
SetViewportExtEx
CreateMetaFileW
SetMetaFileBitsEx
GetPolyFillMode
RealizePalette
CreateFontIndirectW
GetRasterizerCaps
GetBkColor
DescribePixelFormat
PolylineTo
Pie

Sections

.text
Size: 390KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

113dc133e83164ec96fcc2049849798e

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

gdi32

Sections

.text Size: 390KB - Virtual size: 389KB

.rdata Size: 36KB - Virtual size: 56KB

.data Size: 109KB - Virtual size: 109KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 390KB - Virtual size: 389KB

.rdata
Size: 36KB - Virtual size: 56KB

.data
Size: 109KB - Virtual size: 109KB

.rsrc
Size: 17KB - Virtual size: 16KB