27e8e1952868f69edc14395219a91a8f

General

Target

27e8e1952868f69edc14395219a91a8f
Size

64KB
MD5

27e8e1952868f69edc14395219a91a8f
SHA1

ee328dc355246591588b417a5416680f22c83a7e
SHA256

88bff02695c2a22e1f1768f86241d6a74797aaa5a37bcaa48c79d891eebb0c08
SHA512

a4aed9b065d047fc62927fa4d3a4149cd0ba5ed480efd34ffc3f70721c026a68939aa06e65dcd984b4861a7b5eb6d91a5e8a0b6479293c75bb904e232d785ee3
SSDEEP

1536:k7SowfMGR8SZn6pB7Yp2sUUUYNOHwSQvBnhYK//5dh:kiFRXZ6n8bCYoHP6hYKZdh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e8e1952868f69edc14395219a91a8f

Files

27e8e1952868f69edc14395219a91a8f
.exe windows:4 windows x86 arch:x86

ce7089171d99f80afb7de1a83462cac6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
QueryDosDeviceW
GetModuleHandleW
CancelWaitableTimer
GetCurrentProcessId
GetSystemTime
GetLogicalDrives
GetLastError
GetVersion
WritePrivateProfileStringW
VirtualFree
GetCurrentThread
GetFileAttributesW
FindFirstFileW
lstrlenW
LockResource
GetFileAttributesExW
LoadResource
InterlockedDecrement
SuspendThread
SizeofResource
VirtualAlloc
CreateEventW
GlobalAddAtomW
LoadLibraryA
SetCurrentDirectoryW
FindNextFileW
GetProcAddress

user32

SetDlgItemTextW
LoadStringW
GetCursorPos
UpdateWindow
VkKeyScanW
SetWindowPos
GetKeyState
RedrawWindow
DestroyMenu
DispatchMessageW
InvalidateRect
FillRect
DrawTextW
PostThreadMessageW
GetDlgItem
SendDlgItemMessageW
DefWindowProcW
GetMessageW
GetClassNameW
SystemParametersInfoW
IsWindow
RegisterClassExW
GetSystemMetrics

gdi32

GetStockObject
CreateDCW
Rectangle
LineTo
StretchBlt
GetMapMode
CreateICW
BitBlt
MoveToEx

advapi32

SetSecurityDescriptorDacl
LookupAccountSidW
LookupPrivilegeValueW

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce7089171d99f80afb7de1a83462cac6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1008B

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1008B