The file is not packed. It has been written in MSVC (Possibly 2010). Following are the headers present in the PE structure. Below is the PEDUMP of the Trojan PE signature found File Type: EXECUTABLE IMAGE FILE HEADER VALUES 14C machine (x86) 4 number of sections 518EF109 time date stamp Sun May 12 07:01:53 2013 […]
The post TrojanDownloader.Wask Analysis appeared first on InfoSec Resources.