Static task: static1
Behavioral task: behavioral1
Sample: test.dll
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: test.dll
Resource: win10v2004-20230220-en
General
Target: test.exe
Size: 177KB
MD5: 4ad54acb6d8da06887d75a2a7bb045a1
SHA1: 13e4e442ac5081d470924fe1a21a0d28cd4b1b03
SHA256: a9b707f8e20d7adfa83af7e57e3344dfffdfb6398218eedfb76afd36640abed4
SHA512: d1102d1b4f5ab1e0e5e65e048d497abe9ca9c7abd8317ab55a07c48bae004693bceb75d17ee59a1e40f90353cac9a81e4b53ce39e3d3f7362e950626f419e955
SSDEEP: 3072:iuy8UfIeJSwoK8ICoqZM+wVjZv0pe3JeGeFEVyie/EWFB9z7IZL4KFGz7:Xy8irAw6hMjVjZv0pxEgie/V93IZa
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: test.exe
Files
test.exe.dll windows x86
89bcbfd6de6831b7ab4b0b5805a5bf00
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetVersionExW
GetWindowsDirectoryW
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
SetLastError
GetNumberFormatW
UnhandledExceptionFilter
lstrcatW
lstrcmpA
lstrcmpW
lstrcpyW
lstrlenA
ReadFile
GetProcAddress
GetModuleHandleW
GetCurrentProcessId
GetModuleHandleA
GetCommandLineW
SetUnhandledExceptionFilter
CreateMutexW
gdi32
GetStockObject
advapi32
RegOpenKeyA
RegOpenKeyW
msvcrt
__p__fmode
__set_app_type
_except_handler3
__p__commode
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 988B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 650B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ