General

  • Target

    TwingateWindowsInstaller.exe

  • Size

    81.9MB

  • MD5

    54be7fa22ab8bf77dd7f9b1f3edad379

  • SHA1

    68e91f755c007e6f0be6b1b81f72f0a9aa5fd46f

  • SHA256

    258c713562b0b18b8572a3d23c83d338b4c5cdb5fb421e47b78475ddd2cf7c06

  • SHA512

    41cc86a7298b6a3454e2368935fddb0645555f18894c32471b72bf5023410d7d858d68accccb6901cd174ae1f4c729864e1ba356a3a79e0dee857cdd62a82631

  • SSDEEP

    1572864:KYTufAs+mNKQHyPkQgM8KAsXNC3xCUH/3ivgHQeN0jRgXJN9HoRTFo0zS8Bw5rtY:KGDQHyPGM8CXU3Em/l30j65NSoqDy5xw

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • TwingateWindowsInstaller.exe
    .exe windows:4 windows x86 arch:x86

    f4639a0b3116c2cfc71144b88a929cfd


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/NetCoreCheck.exe
    .exe windows:6 windows x64 arch:x64

    db01dbed28dab851029b3b5318e0a973


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    509a34b3a68a773e0afb4259e68f9f82


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TwingateWindowsInstaller.msi
    .msi
  • $PLUGINSDIR/dotnet-WindowsDesktop-x64.exe
    .exe windows:6 windows x86 arch:x86

    f57d7a40ebfca87e6f8082251d937ed8


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/ndp48-web.exe
    .exe windows:5 windows x86 arch:x86

    9b2f6a441f9ff8df98ae6e9e6b5d4271


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    68b7023f8923dd087549802f8fa631c3


    Headers

    Imports

    Exports

    Sections