28cb6d8980fbd588ee8eb97cfcf6f3d4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28cb6d8980fbd588ee8eb97cfcf6f3d4
Size

268KB
MD5

28cb6d8980fbd588ee8eb97cfcf6f3d4
SHA1

66ea008dd29290d4627b0f2016cf80362f912bcd
SHA256

c648b999bf01e1a2d5b5f42696c15119b0b79b3fad3962b77b26dc8ee4bfe26f
SHA512

4dcd4675fb8816a2aa8548eac5fee7a459d5156116deef55a599eb50fc7b57cf1df96bf1bd580b7b3fb760f5ce6873a9e736ff85415544297c71396151693cbc
SSDEEP

6144:DDvaDEc1Yq23Z1WIDo+iCdq7bFoAFA4SdJ:DDva0q23ZDxbvuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28cb6d8980fbd588ee8eb97cfcf6f3d4

Files

28cb6d8980fbd588ee8eb97cfcf6f3d4
.exe windows:4 windows x86 arch:x86

6f8fe7219571404d60860078312d84f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
memcmp

kernel32

LoadLibraryA
GetConsoleCP
GetNamedPipeInfo
Sleep
VirtualAlloc
VirtualFree
VirtualProtect
GetProcAddress
CreateFileA
GetEnvironmentVariableA
ReleaseMutex
IsSystemResumeAutomatic

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ