27e7b53f06c32beae79bf9d42345d5983895a4e2751dea0942a62392d14c239cN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27e7b53f06c32beae79bf9d42345d5983895a4e2751dea0942a62392d14c239cN
Size

56KB
MD5

10ba027c56e0c3f6c92e0bcb823b8b40
SHA1

2a004f24c06c5d56b2c1e9e5481b0c22ddfcfef2
SHA256

27e7b53f06c32beae79bf9d42345d5983895a4e2751dea0942a62392d14c239c
SHA512

acbae11230954f650ba01f881bff43bd132a82c435b42f09778e526b7b233c2f6792c2ea37ede634d45b376b3a66a11148dac5c2f49e1fbf1b9bd625e1ed2213
SSDEEP

1536:UcYWPhpLIv5MPYnSJzVscf7rqSbsQI8jVNO0xY0mt4:Ui7SBnSJz+cXnACZU0xJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e7b53f06c32beae79bf9d42345d5983895a4e2751dea0942a62392d14c239cN

Files

27e7b53f06c32beae79bf9d42345d5983895a4e2751dea0942a62392d14c239cN
.exe windows:4 windows x86 arch:x86

01c7fc8cb7b6c15c9644fb8a9dac9677

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugBreak
GetDllDirectoryW
WritePrivateProfileSectionA
EscapeCommFunction
GetVDMCurrentDirectories
QueryDepthSList
Module32FirstW
GetModuleFileNameA
GetCurrentProcessId
FlushConsoleInputBuffer

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE