Static task
static1
Behavioral task
behavioral1
Sample
b98018b9a8029f7a5e29836eba1c82d9e00ce95efdc3624b562b208f2140d989.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
b98018b9a8029f7a5e29836eba1c82d9e00ce95efdc3624b562b208f2140d989.exe
Resource
win10v2004-20230703-en
General
-
Target
b98018b9a8029f7a5e29836eba1c82d9e00ce95efdc3624b562b208f2140d989
-
Size
15.5MB
-
MD5
17cb022a87154f4585fdf7b253ab2bd7
-
SHA1
3408eeb6d86faf112bc96bcf80e563386f3b928b
-
SHA256
b98018b9a8029f7a5e29836eba1c82d9e00ce95efdc3624b562b208f2140d989
-
SHA512
d7042636162475fe651119bb7b4d5430dccad9ee7ffe96b3f99f152d9e76f1af4e18db0c80f91235ecbe155b15d53616960d6d880c55e7464eaaab4104112ad3
-
SSDEEP
393216:YtOuR4ndcboAEFmyEfXGknBU0on4fQbUf6i4Gp09FDZuOR:YtOuSdaEUycnJBKHin0Y2
Malware Config
Signatures
-
Unsigned PE (1 IoC)
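Static check: the sample carries no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are unsigned; weigh it together with the header, import and section data listed below.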
resource b98018b9a8029f7a5e29836eba1c82d9e00ce95efdc3624b562b208f2140d989
Files
-
b98018b9a8029f7a5e29836eba1c82d9e00ce95efdc3624b562b208f2140d989.exe windows x86
432fc55f13f2f44d1365d832cb8bcac4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
rasapi32
RasHangUpA
winmm
midiStreamRestart
ws2_32
select
user32
GetClipboardData
gdi32
ExtSelectClipRgn
winspool.drv
OpenPrinterA
advapi32
RegQueryValueA
shell32
SHGetSpecialFolderPathA
ole32
CoGetClassObject
oleaut32
SafeArrayAccessData
comctl32
ImageList_Create
oledlg
ord8
wininet
InternetCanonicalizeUrlA
comdlg32
ChooseColorA
Sections
.text Size: 4.8MB - Virtual size: 6.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE