27b34893f16a8d49650621dd320468abc3050a2d7c49144428fb7da9d07c486a

General

Target

27b34893f16a8d49650621dd320468abc3050a2d7c49144428fb7da9d07c486a
Size

516KB
MD5

c5be10b6e6fb9f60cfbbd5cee5648f9c
SHA1

90fb886f0dee7f7341092ef77cc42195df3dfeea
SHA256

27b34893f16a8d49650621dd320468abc3050a2d7c49144428fb7da9d07c486a
SHA512

10a1928866297461bc26ae937cba157372408015a14823b049a526e81e2281a5e78821a2e383c2c65086965d76eaffc90e7acbe61a2009dd2afa9d6d65736731
SSDEEP

6144:d/urFQUUZM24vXpEvtZNXEcORzKld9830UAhqzaX3pGMKLYjjeZ4GpeV4Lz5GbR4:+LUZM9purdK0q+IYxj4o9Q7OGeNUFx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27b34893f16a8d49650621dd320468abc3050a2d7c49144428fb7da9d07c486a

Files

27b34893f16a8d49650621dd320468abc3050a2d7c49144428fb7da9d07c486a
.exe windows:4 windows x86 arch:x86

cfd6ae89f8899b4846c4a9fdbcc0f084

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
CreateFileMappingW
VirtualAlloc
GetProcAddress
LoadLibraryW
Sleep
RtlUnwind
HeapAlloc
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
GetLastError
CloseHandle
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetStdHandle
FlushFileBuffers
InterlockedExchange
VirtualQuery
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
MultiByteToWideChar
VirtualProtect
GetSystemInfo
LoadLibraryA
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
HeapSize

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 452KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfd6ae89f8899b4846c4a9fdbcc0f084

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 452KB - Virtual size: 454KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 452KB - Virtual size: 454KB

.rsrc
Size: 4KB - Virtual size: 16B