dec27f43fa131fd55ce7aa077bcf852e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dec27f43fa131fd55ce7aa077bcf852e
Size

53KB
MD5

dec27f43fa131fd55ce7aa077bcf852e
SHA1

a24ff4c3cdd9e5e2be159900e9f5436b4ab1d410
SHA256

d121f850d82d0a3d343f950814a3b708ea8e4d53cdfca634c4f0a07bafbd0fce
SHA512

a247695adbdb052154d520db0ca03235c800b2b0d096f3dcbba584686ee6e322f3fbd3c7527f59e790030c95c6309bde12f1e63527ee9f4045809b83d4b3153e
SSDEEP

1536:oaWUDQKo3b08BaKCIOVX3dLx+ed7Pe4aFauQai0:oODF6bdIKCIIXSed77aFal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dec27f43fa131fd55ce7aa077bcf852e

Files

dec27f43fa131fd55ce7aa077bcf852e
.exe windows:4 windows x86 arch:x86

876b5ee3249dcae0d9cb00f5c4766020

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCompressedFileSizeA
GetConsoleScreenBufferInfo
GetSystemDirectoryA
InitializeCriticalSectionAndSpinCount
ReadConsoleInputW
ReadProcessMemory
SetThreadExecutionState
SwitchToThread
VirtualFree
WriteConsoleOutputCharacterW

advapi32

BuildTrusteeWithSidA
GetSecurityDescriptorControl
GetTrusteeTypeW
GetUserNameW
LookupPrivilegeNameA
QueryServiceObjectSecurity
RegConnectRegistryA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
TrusteeAccessToObjectW

user32

CharToOemW
CloseClipboard
DdeGetData
DdeKeepStringHandle
DdeQueryConvInfo
DialogBoxIndirectParamA
GetAltTabInfo
GetProcessWindowStation
IsChild
MessageBoxIndirectW
OffsetRect
ReplyMessage
SetScrollRange

gdi32

CreateFontA
CreatePatternBrush
CreatePenIndirect
CreateRectRgnIndirect
DPtoLP
Ellipse
GetFontLanguageInfo
GetTextCharset
MaskBlt
PolyBezier
PtInRegion
ResetDCA
SetDeviceGammaRamp

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE