27e387d9dcfbcb1ce0ee0caf8f27425b

General

Target

27e387d9dcfbcb1ce0ee0caf8f27425b
Size

286KB
MD5

27e387d9dcfbcb1ce0ee0caf8f27425b
SHA1

f261ccb190fa457bedad744862f5dff1a8544635
SHA256

f14bd4d150272849a4e34d031846833ef5dff242ed6500b96beb7fd7b30bf8a8
SHA512

2f2ee8c0e9bb68ebeb26734ed00b2d34e0a9cf3e22907a84bbc4e7cdf8b8b4565a31b5742b65ecc3a73a499a009d00fff7a1612e70e6e817a508f9fe93ed080e
SSDEEP

6144:oyPX2rgXo7B5DYT6Z11lpPy4ZX7pVJZf12eIclmS:vv2rgXutzy4xLJFT9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e387d9dcfbcb1ce0ee0caf8f27425b

Files

27e387d9dcfbcb1ce0ee0caf8f27425b
.exe windows:4 windows x86 arch:x86

cdf6fc875440d8e888d77d77b9ddec7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

MulDiv
GlobalUnlock
lstrlenA
InterlockedIncrement
HeapSetInformation
LeaveCriticalSection
GlobalFindAtomA
GetComputerNameW
GetLocaleInfoW
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GetTickCount
InterlockedDecrement
InterlockedExchange
LocalAlloc
TlsAlloc
TlsFree
lstrlenW
WaitForSingleObject
SetLastError
EnumResourceNamesA
InitializeCriticalSection
SetUnhandledExceptionFilter
TlsSetValue
EnterCriticalSection
GetStringTypeW
GlobalHandle
RaiseException
GlobalFree
FormatMessageW
SetLastError
TlsGetValue
lstrcmpW
GetOEMCP
CreateFileW
CloseHandle
MultiByteToWideChar
GlobalAlloc
DeleteCriticalSection
GlobalLock
WideCharToMultiByte

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathAppendA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathCreateFromUrlW

Sections

.text
Size: 147KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdf6fc875440d8e888d77d77b9ddec7d

Headers

File Characteristics

Imports

kernel32

rpcrt4

shlwapi

Sections

.text Size: 147KB - Virtual size: 283KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 136KB - Virtual size: 135KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 147KB - Virtual size: 283KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 136KB - Virtual size: 135KB

.rsrc
Size: 512B - Virtual size: 4KB