27045f0e6caf9f4bb9c3ea9db383c78d6788fe7e57575767cc1a54ba997a1bbe

Sharing

Copy URL Twitter E-mail

General

Target

27045f0e6caf9f4bb9c3ea9db383c78d6788fe7e57575767cc1a54ba997a1bbe
Size

11.0MB
MD5

11ef652cd5fa6916105512afd70c49fa
SHA1

2e29b05c0c63e957c628bba4eba7e6074e8c0361
SHA256

27045f0e6caf9f4bb9c3ea9db383c78d6788fe7e57575767cc1a54ba997a1bbe
SHA512

0c26c4275ace0cecf2efbd9debea2d0c6a8de1f6baf538ae7617421ff220011bb3fa2117472dd7c6f3757cc0af4983f22bbe41898a6af63403d54e7e2aff81bd
SSDEEP

196608:vaEmhdKTePCBfDVRbolxjGF1HjeUDkB18OglM7/bO13Q:v0hKiQvbRF1HpDkI/M7TO13Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27045f0e6caf9f4bb9c3ea9db383c78d6788fe7e57575767cc1a54ba997a1bbe

Files

27045f0e6caf9f4bb9c3ea9db383c78d6788fe7e57575767cc1a54ba997a1bbe
.exe windows:5 windows x64 arch:x64

9e468b2b5bcdc0201b7738d10461905f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetFilePointerEx
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

ShowCaret

advapi32

CryptEncrypt

shell32

SHGetFolderPathW

ole32

ReleaseStgMedium

oleaut32

VariantInit

shlwapi

PathFileExistsW

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

crypt32

CertOpenStore

wininet

InternetCheckConnectionW

winmm

mixerOpen

wldap32

ord30

wlanapi

WlanReasonCodeToString

gdi32

GetTextMetricsW

comctl32

_TrackMouseEvent

gdiplus

GdipDeletePen

imm32

ImmGetContext

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 542KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.grc0
Size: - Virtual size: 569KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.grc1
Size: 10.4MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e468b2b5bcdc0201b7738d10461905f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

iphlpapi

crypt32

wininet

winmm

wldap32

wlanapi

gdi32

comctl32

gdiplus

imm32

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: 542KB - Virtual size: 541KB

.data Size: - Virtual size: 712KB

.pdata Size: - Virtual size: 84KB

.grc0 Size: - Virtual size: 569KB

.grc1 Size: 10.4MB - Virtual size: 10.4MB

.reloc Size: 17KB - Virtual size: 17KB

.rsrc Size: 3KB - Virtual size: 3.9MB

.text
Size: - Virtual size: 1.3MB

.rdata
Size: 542KB - Virtual size: 541KB

.data
Size: - Virtual size: 712KB

.pdata
Size: - Virtual size: 84KB

.grc0
Size: - Virtual size: 569KB

.grc1
Size: 10.4MB - Virtual size: 10.4MB

.reloc
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 3KB - Virtual size: 3.9MB