027d0bf24ff7a1a53036357b1ac7bbe319248e66dbd76883a8542a2c1355e80c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

027d0bf24ff7a1a53036357b1ac7bbe319248e66dbd76883a8542a2c1355e80c
Size

820KB
MD5

3998661676b54d53d5ed8115a37eb06b
SHA1

256486eb4bfd7325afb0b3296fc06fd734837b7d
SHA256

027d0bf24ff7a1a53036357b1ac7bbe319248e66dbd76883a8542a2c1355e80c
SHA512

acaf81566c00ef594cdfb679dd0d934cc4e9b5765c9052b7e1b300c0e4d706d4d2074ed9d4636cfe8f88a5b79e7666c237d453db2a1cf287093e24cb4d870316
SSDEEP

24576:DZ94LyZ2avwqig5jVsb7OQpmDR+RYoYzZDRTG2ogLg:DZ94Ly3vrig5jVsVKKY/gek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
027d0bf24ff7a1a53036357b1ac7bbe319248e66dbd76883a8542a2c1355e80c

Files

027d0bf24ff7a1a53036357b1ac7bbe319248e66dbd76883a8542a2c1355e80c
.exe windows:4 windows x86 arch:x86

efa0859549fb8bb7bbeed05292671d4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeW
lstrcpynA
Heap32Next
GetCurrentThreadId
GetDiskFreeSpaceW
GetModuleHandleA
lstrcpynA
GetCurrentDirectoryA
VirtualFree
lstrcpynA
VirtualProtectEx
WriteFile
SetThreadPriority
GetSystemTime
lstrcpynA
OpenMutexW
lstrcpynA
ReadConsoleA
GetDriveTypeW
GetFileType
lstrcpynA
GetPrivateProfileIntA
lstrcpynA
lstrcpynA
lstrcatA
lstrcpynA
lstrcpynA
GetVolumeInformationA
lstrcmpW

d3d8

Direct3DCreate8
ValidatePixelShader
DebugSetMute
ValidateVertexShader

Sections

.text
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 796KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ