28ec546f51dda180e58768418d8c2ee95391f72695f1251d26ef91389d5c4e1b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28ec546f51dda180e58768418d8c2ee95391f72695f1251d26ef91389d5c4e1b
Size

40KB
MD5

aed58123d4417dce1bdd40923202e48e
SHA1

826b148f61f160f74e8373cc2d3f836f67164080
SHA256

28ec546f51dda180e58768418d8c2ee95391f72695f1251d26ef91389d5c4e1b
SHA512

b16e870e3e2f38943f993ccb93618fda75cb1ce61619062970d68bcf5a5d8d4d10f9199f4b7fc6302192060e77565e3d9d3aac8990986c72c84c2055c005f04e
SSDEEP

192:FtaE9L9s/htcnNfzdC8XlgdEnMxNIKWtIaf+gMuiuj+I:FtH9yZr+lT82X2gGu6I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28ec546f51dda180e58768418d8c2ee95391f72695f1251d26ef91389d5c4e1b

Files

28ec546f51dda180e58768418d8c2ee95391f72695f1251d26ef91389d5c4e1b
.dll windows:4 windows x86 arch:x86

a16fce87c6ff98dece7846817831a9ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1168
ord1253
ord342
ord823
ord1182
ord825
ord699
ord772
ord397
ord500
ord800
ord912
ord538
ord5606
ord5860
ord4188
ord3663
ord2393
ord5440
ord6383
ord5450
ord6394
ord6142

msvcrt

_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
__CxxFrameHandler
_purecall

Exports

Exports

??0CdaStash@@QAE@XZ
??1CdaStash@@UAE@XZ
??_7CdaStash@@6B@
?Push@CdaStash@@QAEJIIJ@Z
?PushTick@CdaStash@@IAEJIIJ@Z
?PushTickList@CdaStash@@IAEJIIJ@Z
?Retrive@CdaStash@@QAEHAAI0JPAH@Z

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1018B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 753B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ