28783f3e29d6fa731f99a02befa9f75f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28783f3e29d6fa731f99a02befa9f75f
Size

30KB
MD5

28783f3e29d6fa731f99a02befa9f75f
SHA1

fc3ba469603f7d57e4259eb65f2d7793c7533076
SHA256

ab2860594751320bf52356f5d16029c48ef31661332e39ab17c76504a862dced
SHA512

4d40d8e33b9ec67a874064493cb125c4a48988c014f085d2490f96dd0aad1c2125054039347eefc82ba9e5b47ddb441ea5cf1a9c8e95eca764b79c19a76f1917
SSDEEP

768:qhjyGVkSXY1ahPhNVenLkLPV+ebciZYXxvFtmo:4jp9XY1O3AnwN34Xh

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/pepico/juan/Sasser.A.tmp
unpack001/pepico/juan/Sasser.B.tmp

Files

28783f3e29d6fa731f99a02befa9f75f
.zip
pepico/juan/Sasser.A.tmp
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newIID
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pepico/juan/Sasser.B.tmp
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newIID
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE