28e2ab10ee3dc31fd3b55844dbbf9b86 | Triage

Sharing

General

Target

28e2ab10ee3dc31fd3b55844dbbf9b86
Size

172KB
MD5

28e2ab10ee3dc31fd3b55844dbbf9b86
SHA1

597e7d1ad65569c915879e38545e8fe5072cfc2d
SHA256

e51d0fc80266f7a47b5daaf2bd538558f96fbe6d7ce14f18f00cf55d8d192f78
SHA512

f62be4f073c0f3cf0546a657d4c6cd5e10fde7adc76a39ef86b9ded6e1141793567f4128aad50fd120b1d648e1653998e576384d49704066aab616c22e27ce2e
SSDEEP

3072:h0+fOMmTjLNqf5y9NJLtCfb/T+Z0ASCPUyQ:a+Iof5y9N3oESCz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e2ab10ee3dc31fd3b55844dbbf9b86

Files

28e2ab10ee3dc31fd3b55844dbbf9b86
.exe windows:4 windows x86 arch:x86

3de825266511679f8887d05416b1f161

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

msimg32

AlphaBlend
TransparentBlt

winmm

mciSendCommandA
sndPlaySoundA

kernel32

GetTempPathA
WaitForSingleObject
GetTimeZoneInformation
GlobalAddAtomW
DeleteCriticalSection
GetTickCount
LeaveCriticalSection
ResetEvent
CreateThread
SetEvent
lstrcpyA
IsDBCSLeadByte
EnterCriticalSection
EnumResourceNamesA
VerLanguageNameA
OutputDebugStringA
InitializeCriticalSection
GetFullPathNameW
GetProcAddress
GetFullPathNameA
FileTimeToSystemTime
Sleep
LoadLibraryW
LoadLibraryA
FreeLibrary

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ