Static task
static1
Behavioral task
behavioral1
Sample
ee5f43c81127af7c55cf94599ae17777fbc7a7bb7d059b830349e2b9c275f642.exe
Resource
win7-20230220-en
General
-
Target
ee5f43c81127af7c55cf94599ae17777fbc7a7bb7d059b830349e2b9c275f642
-
Size
514KB
-
MD5
b13392a05917316585959b7d166a3732
-
SHA1
0f969fd094615d20e51f11aa1a65e4301d365948
-
SHA256
ee5f43c81127af7c55cf94599ae17777fbc7a7bb7d059b830349e2b9c275f642
-
SHA512
2895df0ad78785dc8a51da8b1c87e6299b2eff1a0c26a982fcb0fe8f556b536305361ab3a7c1944665a19345145a9276f25c4bc7e0e826a2633b52b435da1ad8
-
SSDEEP
12288:kv5JI23GIqqfOec2Y00I0mBW8En+eVp9TgLNAi:kw2Xqqmec2YIDq+eVneAi
Malware Config
Signatures
-
Unsigned PE 1 IoCs
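Checks for a missing Authenticode signature. On its own this is a weak indicator, since many legitimate executables are unsigned; weigh it together with the header, import and section data listed under Files (for example, both sections are flagged writable and executable).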
Processes:
resource ee5f43c81127af7c55cf94599ae17777fbc7a7bb7d059b830349e2b9c275f642
Files
-
ee5f43c81127af7c55cf94599ae17777fbc7a7bb7d059b830349e2b9c275f642.exe windows x86
2562ea6b781d13f2ea137842aca806cf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
OpenClipboard
gdi32
GetClipRgn
winmm
midiStreamRestart
winspool.drv
ClosePrinter
advapi32
RegCloseKey
shell32
ShellExecuteA
ole32
OleUninitialize
oleaut32
UnRegisterTypeLi
comctl32
ImageList_Destroy
ws2_32
ioctlsocket
comdlg32
GetFileTitleA
Sections
.text Size: 496KB - Virtual size: 1000KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE