28b899bf4b5b86f5f2ffeddee2ae5832 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28b899bf4b5b86f5f2ffeddee2ae5832
Size

309KB
MD5

28b899bf4b5b86f5f2ffeddee2ae5832
SHA1

96f5b3f996651a83d33e4b345475a4a801f8ac26
SHA256

8e160f8fbccf47dbab945ed61f77ec591a8332cd237d6653a7f31f0bdc672ec3
SHA512

193451b39fbe3fb10cef8ef910d8e83cf4c8faaeaa8bdf5c13e74596810b8e42aa6ac51de90209fd7e8a2f0a336a5c0f51beefcd95d4509b22e948a9a9e2cb7f
SSDEEP

6144:G8XCssQRa2NoDY8nqLTo7nFksIcDcyCKxkkaZjzZ1IECq+tbeSe2j:G8XsoojqLsnBXDch1V0wS9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28b899bf4b5b86f5f2ffeddee2ae5832

Files

28b899bf4b5b86f5f2ffeddee2ae5832
.exe windows:4 windows x86 arch:x86

b20f0bd037776d02d8a20d43233f4af6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

RegCloseKey

comctl32

ImageList_Add

gdi32

SaveDC

oleaut32

VariantCopy

urlmon

URLDownloadToFileA

version

VerQueryValueA

Sections

.text
Size: 29KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE