Static task
static1
Behavioral task
behavioral1
Sample
28d9f0911c18cfc6d85498b42a75f9d7.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
28d9f0911c18cfc6d85498b42a75f9d7.exe
Resource
win10v2004-20231222-en
General
Target
28d9f0911c18cfc6d85498b42a75f9d7
Size
101KB
MD5
28d9f0911c18cfc6d85498b42a75f9d7
SHA1
1b0b5ffff7970f604f476a714ee1e1116c872dd3
SHA256
c6d5ab8254c28287fff61dc62b1c906f005374a16c7d17951273ba30097f7b98
SHA512
7669089181efb6296d7591dd46b4246df0759d6d3bebbf1a55f36c5d55c37b9b52bfff103e7031233d7e6fe4fff468fa552db28c8bdc911afe5e05802e6055e0
SSDEEP
1536:pXJ0H7KV2l2s1jQzkVHStlEZ7yIqELzNvfConbRi6ENOkdhHDWZjc:Dq7KVin0zaylEBLB6oedhjWZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 28d9f0911c18cfc6d85498b42a75f9d7
Files
28d9f0911c18cfc6d85498b42a75f9d7.exe windows:5 windows x86 arch:x86
9f938cc72620d675371e65b8db23996b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetWindowsDirectoryA
GetSystemTime
GlobalFindAtomA
GetCommandLineA
VirtualAlloc
lstrcmpiW
RemoveDirectoryA
VirtualFree
RemoveDirectoryW
FindClose
lstrcmpA
lstrlenW
QueryPerformanceCounter
DeleteFileA
CopyFileA
lstrlenA
GetModuleHandleA
user32
GetDesktopWindow
TranslateMessage
GetParent
GetSystemMetrics
CharNextA
GetDC
gdi32
GetTextMetricsA
LineTo
GetStockObject
SaveDC
DeleteObject
CreatePalette
SelectPalette
RectVisible
DeleteDC
GetPixel
CreateSolidBrush
SetMapMode
GetDeviceCaps
GetObjectA
SetTextAlign
SetStretchBltMode
GetClipBox
SelectObject
RestoreDC
SetTextColor
CreateFontIndirectA
CreateCompatibleDC
glu32
gluNurbsCallback
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE