28dc578773f5a9f12f7a2dcce1eb204180a332f997cdfe512c325cf02db0fa80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28dc578773f5a9f12f7a2dcce1eb204180a332f997cdfe512c325cf02db0fa80
Size

349KB
MD5

7c4826abb452285947b6155e75d83542
SHA1

325aa96567e8b6fb73d4a6fab4e3c2499935d569
SHA256

28dc578773f5a9f12f7a2dcce1eb204180a332f997cdfe512c325cf02db0fa80
SHA512

874fb112fe3fe9f097c6082e432369332f9ad0ebf117b350d3a66bcb5165f3263ab8a7713eadfbfff7430eb5314e286f539c17ac664657a74f116ecd4a0139aa
SSDEEP

6144:SaVKyyzwbnUkoiqwcAR92o29tZTEr6UTdO5CksxCDy9pPbzBHU2ytluF+:g7yUTihRQhE9ONs46pP3BHUbt7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28dc578773f5a9f12f7a2dcce1eb204180a332f997cdfe512c325cf02db0fa80

Files

28dc578773f5a9f12f7a2dcce1eb204180a332f997cdfe512c325cf02db0fa80
.exe windows:5 windows x86 arch:x86

04436556038016bdc579850c86f036aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

Sections

YHGSDW
Size: - Virtual size: 424KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

YHGSDW
Size: 340KB - Virtual size: 344KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE