Static task: static1

Behavioral task: behavioral1
Sample: 27c3fc41552df652645555cc7475201e.exe
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: 27c3fc41552df652645555cc7475201e.exe
Resource: win10v2004-20231215-en
General
Target: 27c3fc41552df652645555cc7475201e
Size: 60KB
MD5: 27c3fc41552df652645555cc7475201e
SHA1: 7ab43a0032f6f0df5136ef59e3e3b0bb8ea02a8e
SHA256: 6babe9edf6149f4a2165bc17408bf7b50e64ca37d454292439f1bb354ca18baa
SHA512: 112cae9a51cf6e00716b7bd1e051820e0ba1c34565c5f8e73e77517443bf85a9515e7e8b20ee6a0968a63f5ab8d8f078962516cb6bec63d63daee69ac5a31b8b
SSDEEP: 768:FVHjelLt/t7L9EtxM8VSx3em7EU8QJ1vocebfLGBuB+Zx/TnE85BwpT:fylRmxMuSx3emgUb7oBbf1crnEuK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 27c3fc41552df652645555cc7475201e
Files
27c3fc41552df652645555cc7475201e.exe windows:4 windows x86 arch:x86
0c30c194bc57e22be28175eb334f48cd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
FreeEnvironmentStringsW
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeLibrary
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
GetStdHandle
SetStdHandle
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
GetACP
FlushFileBuffers
CreateFileA
SetFilePointer
GetCPInfo
GetOEMCP
SetEndOfFile
ReadFile
MultiByteToWideChar
user32
MessageBoxA
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
ctosuser
ord3
ord4
Sections
.text Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE