28fbf21211d70cc0e1c58c6864098528e524764496e844f4b4dfb98e31aa9010 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28fbf21211d70cc0e1c58c6864098528e524764496e844f4b4dfb98e31aa9010
Size

8.8MB
MD5

3d274684cf9a96622adf12bf7ba8a38b
SHA1

969c7f0b9bcd3f518aa7234eac13c31ff5c0471e
SHA256

28fbf21211d70cc0e1c58c6864098528e524764496e844f4b4dfb98e31aa9010
SHA512

bd1c9191f7afbde2f969b63ea2ce84f81e8524c25cd3e76d33818521e8dd63822f88475d2524c814b954cea461ad53f7e638985a3bc05bf92b254b9c3f31dea5
SSDEEP

196608:6T2ettQQffwV0wfCbrpXKR20B0M3T3oyFJMrofEIuJgGidh7Qqm:6T2ettuWwQpXKR20B0M3kofSJej7U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28fbf21211d70cc0e1c58c6864098528e524764496e844f4b4dfb98e31aa9010

Files

28fbf21211d70cc0e1c58c6864098528e524764496e844f4b4dfb98e31aa9010
.exe windows:5 windows x86

27b95feea8392c589f659515f9f5c92c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateAcceleratorA

gdi32

GetTextColor

comdlg32

GetFileTitleA

winspool.drv

GetJobA

advapi32

SetThreadToken

shell32

SHGetFileInfoA

comctl32

InitCommonControlsEx

shlwapi

PathRemoveExtensionA

oledlg

ord3

ole32

OleQueryLinkFromData

oleaut32

VariantInit

oleacc

LresultFromObject

Sections

.text
Size: 8.8MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE