28dd20632caba2a3a08c39c73fe46e59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28dd20632caba2a3a08c39c73fe46e59
Size

655KB
MD5

28dd20632caba2a3a08c39c73fe46e59
SHA1

0ab8e4cbd2476992e35c51b231b2552367dd1721
SHA256

113f4b3db4a9afb97513bf1dae5e0dd99f20c11ff385f33eeb0459025f86fc17
SHA512

13667a49f00674774b35dd5118767b4b64592b643569084ed447adc1675546332b5b9b46c6c2d403b25ce0cf1fb955fa71467401cac72cc296dcea8b2e639bb6
SSDEEP

12288:PWBm+95nHfF2mgewFX5cu8XjIhU3+AbTmARKsxep04Sjw/wfk5v+ns+:PWBz95ndbgfX5c9XjIhzgTmARKsxep09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28dd20632caba2a3a08c39c73fe46e59

Files

28dd20632caba2a3a08c39c73fe46e59
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 182KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ