028956ce9d15e5ffbabcba7786fda5aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

028956ce9d15e5ffbabcba7786fda5aa
Size

205KB
MD5

028956ce9d15e5ffbabcba7786fda5aa
SHA1

35c1383bb7eb736a72988e3d5f273d2667a49f5b
SHA256

a2a13945dc2a9139a45a1c78da9f3bc54b93460d6f95a69e1a45f3011765773c
SHA512

22f4548ce86960d275b56fa9ef3bac0d8fba691cafcd1bd62a9a16590ba6a310f6e2f66d267d4bafef8cfedc84d7255a78a8a60fb370168ac2866ec04e2f1c84
SSDEEP

3072:UKY7BSj+F5wV+o3rpn4Fzdh/pqq20L1nUoe:rY7YzVrpn6M2Bf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
028956ce9d15e5ffbabcba7786fda5aa

Files

028956ce9d15e5ffbabcba7786fda5aa
.exe windows:5 windows x86 arch:x86

335a81b54bb652b808497e82794d1b63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
ReadFile
ExitProcess

advapi32

RegCreateKeyA
RegFlushKey
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA

user32

DrawIcon
CopyRect
AppendMenuW
GetMenu
GetScrollInfo
AppendMenuA

Sections

.adlm
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jbam
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kile
Size: 142KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mkedh
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gnag
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE