28e64c13f023e0b24f17b0ed3fc714d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28e64c13f023e0b24f17b0ed3fc714d3
Size

274KB
MD5

28e64c13f023e0b24f17b0ed3fc714d3
SHA1

a280e1e7173105e140ae6e2ac418a4ce0995aad9
SHA256

5cc5c4de6dc94d8aeb49db2e3ab78eef3728726ae9edfedbd23c1dd34b9572cd
SHA512

25ea73e8c0a253ec03cb69e0c0bfcd81ca8fd13b90ce00931f135b69596ddc6a8638781ac2e3b9e806ad4c54f5cc510a201e724123cbaddc0254d1d61985a985
SSDEEP

6144:VxPNnix/ubhcBxeYlsXfT+7L5hURCy0KfMxK3Nwat61O:TdixScBR0eL71PQdwat61O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e64c13f023e0b24f17b0ed3fc714d3

Files

28e64c13f023e0b24f17b0ed3fc714d3
.exe windows:5 windows x86 arch:x86

bfd7782c181ee3f7255af49740bc8a9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA
MoveWindow
GetActiveWindow
EnumChildWindows
GetDesktopWindow
SetWindowLongW
SetWindowTextA
IsCharAlphaA

ole32

CoCreateFreeThreadedMarshaler
CoRevokeClassObject

comctl32

InitCommonControlsEx

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

HeapCreate
InitializeCriticalSection
SuspendThread
GetStartupInfoA
GetDateFormatA
LoadResource
DeleteCriticalSection
SetFileAttributesA
FindResourceExA
ExitProcess
GetTickCount
GetProcAddress
FreeLibrary
LoadLibraryA
IsBadStringPtrA
GetTimeZoneInformation
LocalFree
HeapFree
LocalAlloc

Sections

.text
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ