27b3f07695e56201699dfc04b3db82c0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

27b3f07695e56201699dfc04b3db82c0N.exe
Size

196KB
MD5

27b3f07695e56201699dfc04b3db82c0
SHA1

a6f6e969d952674229c8c538f00dbc4380191000
SHA256

f58efd7a647ee93799bd6c6ae481b047ff0ac5b7bb5387514ac678d53c882b44
SHA512

944864b07fcc50eb15dfe74bebdd57325aac111444f857fd258455933fa90148db8eca17c74beb49e5337787d526a346eb084c3d2f4174cfcbf26267cd3f5699
SSDEEP

6144:qxoYBzDsjfsN/ASsyKrgh4DYK1juiAONb1l:qxoezD4sN/sBI4Dt1juifZl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27b3f07695e56201699dfc04b3db82c0N.exe

Files

27b3f07695e56201699dfc04b3db82c0N.exe
.exe windows:5 windows x86 arch:x86

90e95aa56928c65f3a594e5b1f058914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetModuleHandleW
GetProcessHeap
VirtualAlloc
LoadLibraryA
SetLastError
MultiByteToWideChar
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
GetCurrentProcess
CreateDirectoryW
SetFileTime
WriteFile
CreateThread
ReadFile
CreateFileW
GetCurrentDirectoryW
GetFileType
CloseHandle
FileTimeToDosDateTime
FindFirstFileW
MapViewOfFile
UnmapViewOfFile
FileTimeToSystemTime
FindClose
GetLocalTime
CreateFileMappingW
FindNextFileW
GetFileInformationByHandle
GetSystemTime
GetTickCount
CompareStringW
FlushFileBuffers
WriteConsoleW
GetProcAddress
GetLastError
GetTempPathW
GetFileAttributesW
LoadLibraryW
WideCharToMultiByte
GetFileSize
SetStdHandle
RtlUnwind
MoveFileW
GetSystemTimeAsFileTime
HeapFree
HeapReAlloc
EncodePointer
DecodePointer
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
GetStringTypeW
ExitProcess
GetStdHandle
GetModuleFileNameW
HeapCreate
RaiseException
GetTimeZoneInformation
Sleep
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
SetEnvironmentVariableA

user32

wsprintfA
wsprintfW

advapi32

CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW
CryptGetHashParam
CryptHashData

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90e95aa56928c65f3a594e5b1f058914

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 5KB - Virtual size: 20KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 5KB - Virtual size: 20KB

.reloc
Size: 9KB - Virtual size: 9KB