Static task
static1
Behavioral task
behavioral1
Sample
035bd15c1fcd06401b17159bee410606e2792e06e17d8bafb3b6fe6590bdc0e4.exe
Resource
win7-20230220-en
General
-
Target
035bd15c1fcd06401b17159bee410606e2792e06e17d8bafb3b6fe6590bdc0e4
-
Size
475KB
-
MD5
26e28b0d5e50624d2597ae65cdd41dd5
-
SHA1
22df9e9c2b453f5126d01058fdd2c063c7ca6e8c
-
SHA256
035bd15c1fcd06401b17159bee410606e2792e06e17d8bafb3b6fe6590bdc0e4
-
SHA512
319c6b6f02b3ac23e8c8432d05c8f11c28fd4d29c4b9fba10e50ec9fa48c8f13b823aa6035ad21afd7ab04d99d217931b5cec8c2c925094f22631cd6fe57c9f6
-
SSDEEP
12288:Td4feexfPFg3nyXkeiv7LDe5tBJ/fsdSUHCrp9VX:9EOXUkegvDeTj0dSUH2p9VX
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes:
resource 035bd15c1fcd06401b17159bee410606e2792e06e17d8bafb3b6fe6590bdc0e4
Files
-
035bd15c1fcd06401b17159bee410606e2792e06e17d8bafb3b6fe6590bdc0e4.exe windows x86
2562ea6b781d13f2ea137842aca806cf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
OpenClipboard
gdi32
GetClipRgn
winmm
midiStreamRestart
winspool.drv
ClosePrinter
advapi32
RegCloseKey
shell32
ShellExecuteA
ole32
OleUninitialize
oleaut32
UnRegisterTypeLi
comctl32
ImageList_Destroy
ws2_32
ioctlsocket
comdlg32
GetFileTitleA
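Sections
Analyst note: both sections listed here are flagged as code and are writable and executable at the same time, and .text has a virtual size (956KB) roughly twice its raw size (452KB). Together with an import table that names a single function for every DLL other than kernel32, next to LoadLibraryA, GetProcAddress and VirtualAlloc, this is consistent with a packed executable that unpacks itself at run time. The static import list therefore probably understates the APIs the sample uses, and should be confirmed against the behavioral task.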
.text Size: 452KB - Virtual size: 956KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 22KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE