c27f2b767081e83bc0557045fe37a0dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c27f2b767081e83bc0557045fe37a0dc
Size

7KB
MD5

c27f2b767081e83bc0557045fe37a0dc
SHA1

fccfc785f4428bacac8787448e61cbfa95c00f86
SHA256

81563951ac5c063dafea92004654e386cd785de9dce359cf55e8562b5ca31d9a
SHA512

69c767c01b05305325a1718a260865ebf61e1e3b46b9d3823c70558c56b125adf62026321eb649a62c017c731b9f38441e21c4047a6cd3f88830af025c3ae091
SSDEEP

96:HWDrOqsEdlPeETwwmZlsSpYkluvJUBT3nQDUqmyaflwSkXs0H1:2DSqsEPecmZuqYsuvJUxQDUqmWJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c27f2b767081e83bc0557045fe37a0dc

Files

c27f2b767081e83bc0557045fe37a0dc
.dll windows:4 windows x86 arch:x86

e40f82a10bf426a31aed67c6acd2a75a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcAddress
GetModuleHandleA
Sleep
GetModuleFileNameA
GlobalFree
ReadProcessMemory
GlobalLock
GlobalAlloc
VirtualProtectEx
GetCurrentProcess
GetCommandLineA

user32

GetKeyboardState
UnhookWindowsHookEx
CallNextHookEx
ToAscii
SetWindowsHookExA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetReadFile

msvcrt

_initterm
malloc
_adjust_fdiv
_stricmp
free
strlen
strstr
strncpy
??3@YAXPAX@Z
memcpy
strrchr
memset
strcpy
strcmp
strcat
sprintf
??2@YAPAXI@Z

Exports

Exports

fa
fb

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 275B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ