27ff1f11cf82cb00d5f1ce7735c8b34e3c71c65d386477b9383eccf7b31ac71c

Sharing

Copy URL Twitter E-mail

General

Target

27ff1f11cf82cb00d5f1ce7735c8b34e3c71c65d386477b9383eccf7b31ac71c
Size

3.4MB
MD5

b7d6ad61bfdfaa20cf534a74c062b48e
SHA1

1b8385f295d3b27988765926e6a04ce1c40360c7
SHA256

27ff1f11cf82cb00d5f1ce7735c8b34e3c71c65d386477b9383eccf7b31ac71c
SHA512

06ce61a3c3af5462ab6714880dd44bbbdf70e821dbd415055a003b48c9b0896cf749ad21d7bea911e4b4879b4d145f3bf08535421a6a4bf9fd7b25d0621e823f
SSDEEP

98304:sodVfYsjxOEA5MsiTym8TrmBrJLIzESbsDaGt:hGsjxNAViTcmPSYDBt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ff1f11cf82cb00d5f1ce7735c8b34e3c71c65d386477b9383eccf7b31ac71c

Files

27ff1f11cf82cb00d5f1ce7735c8b34e3c71c65d386477b9383eccf7b31ac71c
.dll windows:4 windows x86 arch:x86

85a11543c865ca896d6c6306435e534e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA

user32

GetCursorPos

gdi32

SelectPalette

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ord17

ws2_32

closesocket

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

GetCommand
GetCommandCount
GetFormatVersion
GetPluginDescription

Sections

.text
Size: 2.4MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85a11543c865ca896d6c6306435e534e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.7MB

.sedata Size: 1016KB - Virtual size: 1016KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 2.4MB - Virtual size: 2.7MB

.sedata
Size: 1016KB - Virtual size: 1016KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB