28bc79cf73b835d5014e208e809be15f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28bc79cf73b835d5014e208e809be15f
Size

64KB
MD5

28bc79cf73b835d5014e208e809be15f
SHA1

e3271e761c9ec7ab37407b89676e175f3d93415d
SHA256

076e8f699d4e6d7fc1935d27278d74e41605aee33ba85c5b8eeaa25b49d55769
SHA512

619710d9a8da2403bf836046781a3a3373ec3ba8df01525f81fe1f428e3049577092e8ece935b37a2ac79b4568822c4937f8a5ed58129d19e5b10141e3c79030
SSDEEP

384:aiy1lOrgz3FwfdFX1kR+Si4wL8UjRA/VuuLOM8VvxfxspeLw8joyQx6sgAyirWmL:vHgz3uVMRlUjRMuWx8nfxLM2VlJAhaa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28bc79cf73b835d5014e208e809be15f

Files

28bc79cf73b835d5014e208e809be15f
.exe windows:5 windows x86 arch:x86

f54bc385506bc5f11b724cc01787e4ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoA
GetProcAddress
LoadLibraryA
GetProcessHeap
VirtualAlloc

advapi32

RegOpenKeyA
RegOpenKeyW

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ