28c9e1a048f36936309d35ab9404e2c2 | Triage

Sharing

General

Target

28c9e1a048f36936309d35ab9404e2c2
Size

254KB
MD5

28c9e1a048f36936309d35ab9404e2c2
SHA1

47bb5e3676d634788fb3eb35527a6f381ad224d5
SHA256

f009518fe3b89beab258364cb9b40ae28dee4cf14c36380a006b08d921ec0f11
SHA512

9f802c32485ed04e2a694653611fda430876217c465639179266f216302924ef60b1b73e6341f0e620f45f3f441adea991040c6ed2868d732de5916df547f118
SSDEEP

3072:k8HUEtigrU+pB9rkuVhcoMP39koigXo9it2atcZLGAJ3y/t/1gcIs2:VHUEtW66ohc9/So5XZtlAJ3yltgcIs2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28c9e1a048f36936309d35ab9404e2c2

Files

28c9e1a048f36936309d35ab9404e2c2
.exe windows:5 windows x86 arch:x86

f57f03d4e91513aa6833710854d7546e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
lstrcmpA
GetLocalTime
CopyFileExA
lstrcatA
FormatMessageA
ExitThread
GetCPInfo
DeleteFileW
GetFileTime
ExitProcess
DeleteFileA
HeapFree
HeapAlloc
OpenFile

advapi32

RegQueryValueExA
RegQueryValueExW
RegOpenKeyA
RegEnumKeyExA
RegQueryValueA
RegCreateKeyExW

user32

GetDC
DialogBoxParamA
GetScrollInfo

Sections

.367e
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d195
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.3g92b
Size: 215KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.he0bd
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0ag1
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE