Static task
static1
General
-
Target
halo.exe
-
Size
3.4MB
-
MD5
ff5367fb15e97102cd19d7385af42c18
-
SHA1
4e8f7e06a5169a04cb6dbb245ecaeeaa5313028e
-
SHA256
7796e9b6c7399902c105948511c2ba546aac6c699606e33bf3827c1e4b749937
-
SHA512
c7ebdaeb41c4372e693e9d500c08f2dc67af2e0252ba83d8c06bbccf60e3739adc7c55a094078dc36a8db2c6e5cdf885240f4bc58626489e35787771b8376628
-
SSDEEP
98304:LRQmUKPy1+wJP9+wjQunvrgdNXo1Tf9fu70sAh1eJ7:tyKPy1+u93jQuvkRALe1
Malware Config
Signatures
-
Unsigned PE (1 IoC)
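Checks for a missing Authenticode signature. The PE file listed below carries none, so its publisher and integrity cannot be verified from a signature; this alone does not indicate malicious behaviour.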
resource halo.exe
Files
-
halo.exe.exe windows x86
Password: infected
0c9fb1d5c0fefbe8aed416df06e770cd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
ExitProcess
user32
MessageBoxA
ws2_32
inet_ntoa
dsound
ord9
winmm
timeEndPeriod
vorbisfile
ov_clear
gdi32
SetTextColor
advapi32
OpenThreadToken
ole32
CoCreateInstance
oleaut32
VariantInit
binkw32
_BinkSetSoundSystem@8
wininet
InternetQueryOptionA
wsock32
__WSAFDIsSet
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 236KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 168KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
stxt774 Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
stxt371 Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE