Static task
static1
General
Target
a9d98b15c94bb310cdb61440fa2b11d0c7b4aa113702035156ce23f6b6c5eecf
Size
529KB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a9d98b15c94bb310cdb61440fa2b11d0c7b4aa113702035156ce23f6b6c5eecf
Files
a9d98b15c94bb310cdb61440fa2b11d0c7b4aa113702035156ce23f6b6c5eecf.exe windows x64
ce5ea93bb9bd1b5932c95bcfc03789ef
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
ws2_32
inet_ntop
netapi32
NetUserEnum
NetApiBufferFree
iphlpapi
GetAdaptersAddresses
ConvertLengthToIpv4Mask
GetAdaptersInfo
winhttp
WinHttpQueryDataAvailable
WinHttpWriteData
WinHttpGetProxyForUrl
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpConnect
WinHttpQueryHeaders
WinHttpReadData
kernel32
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GlobalMemoryStatusEx
Sleep
HeapAlloc
HeapFree
GetProcessHeap
LocalAlloc
LocalFree
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
FindClose
GetVolumeInformationW
CloseHandle
GetLastError
GetComputerNameExW
GetNativeSystemInfo
GetComputerNameA
VerSetConditionMask
GlobalFree
VerifyVersionInfoW
lstrcmpiW
CreateFileW
FindFirstFileW
FindNextFileW
GetFileAttributesW
HeapReAlloc
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
SetEnvironmentVariableW
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
WideCharToMultiByte
LeaveCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
EnterCriticalSection
WriteConsoleW
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlPcToFileHeader
RaiseException
RtlUnwindEx
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlUnwind
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetCommandLineA
GetCommandLineW
GetFileType
advapi32
RegOpenKeyExW
GetUserNameW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
Sections
.text Size: 256KB - Virtual size: 256KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 163KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ