027830b66225658cbfb44cae104c5440N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

027830b66225658cbfb44cae104c5440N.exe
Size

104KB
MD5

027830b66225658cbfb44cae104c5440
SHA1

1f77d7f781a0bbe810a67c1776e8b5cfd6da35ad
SHA256

f7ad7607ba304bed19880698d7eae341ee689265e3f54181bcf76338d587249b
SHA512

4db64629cb7e23899c9a3164bba465d019a85ff5f3db4030d3117586d9d9858a4008ae537a6635b7b1a481e47acb0659f6d0233ab5cd6839ff29dd3190b32b45
SSDEEP

1536:V0N9k3lzSfkbq0mhs0wm7rhNrhDn6STkyQ2sWXROcdToy9J2KimqURN:V4IX0wm33Rky/NTog2Ki5UR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
027830b66225658cbfb44cae104c5440N.exe

Files

027830b66225658cbfb44cae104c5440N.exe
.dll regsvr32 windows:5 windows x86 arch:x86

7b6833d5680283f0b24edfad33554569

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\cpp\t7z\Debug\t7z32.pdb

Imports

kernel32

FormatMessageW
FileTimeToSystemTime
LoadLibraryW
FileTimeToLocalFileTime
GetProcAddress
LocalFree
FreeLibrary
MultiByteToWideChar
InterlockedIncrement
WriteConsoleW
DecodePointer
GetModuleFileNameW
InterlockedDecrement
WideCharToMultiByte
lstrlenW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
HeapReAlloc
HeapSize
SetStdHandle
GetStringTypeW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
InterlockedFlushSList
SetLastError
RtlUnwind
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
LCMapStringW
CreateFileW

user32

wsprintfW
MessageBoxW
SetTimer
KillTimer

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey

ole32

PropVariantClear
CLSIDFromString

oleaut32

VariantClear
VariantChangeType
SysAllocStringLen
SystemTimeToVariantTime
VariantInit
SysFreeString
SysStringByteLen
SysAllocString
VariantCopy
SysStringLen

shlwapi

PathMatchSpecW
SHCreateStreamOnFileEx
ord12
ord219
SHDeleteKeyW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b6833d5680283f0b24edfad33554569

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 280B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 280B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB