8f27b80755d7507ca74ab0d322377d0b | Triage

Sharing

General

Target

8f27b80755d7507ca74ab0d322377d0b
Size

8KB
MD5

8f27b80755d7507ca74ab0d322377d0b
SHA1

f7d9c2fa062e06cfee174e3f6b5f07cdf696c134
SHA256

bb92ea5b9eae6d10bcec2d06a4e478971ccdef0d1104c5f379110f0f012da3df
SHA512

8b686aa17bdffff936a87bc0b3de144b6da651fa704d2e50698c57ab84ec6f145b45ac2a9a81ada5de1dc9027f928a24cd2d8406040ed25e3b4b9c4b5e0eb4f5
SSDEEP

192:k5jFDhWfWw2cKTTpHN1thgpq4kD0dwbHicTj2:kTeEcKThwwgcP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f27b80755d7507ca74ab0d322377d0b

Files

8f27b80755d7507ca74ab0d322377d0b
.exe windows:1 windows x86 arch:x86

4fb7455288c66bb16b592a567af93381

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ExitWindowsEx
GetMessageA

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
ExitProcess
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
ReadFile
Sleep
WriteFile
lstrcatA
lstrlenA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegSetValueExA

Sections

.data
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 962B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 734B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE