Static task
static1
General
-
Target
poc.7z
-
Size
6.5MB
-
MD5
629fa49b3156f09fc62f3043a873c57f
-
SHA1
cf4431913f906b88ffa90390183f7be72b5d13bd
-
SHA256
b9332d3f3dfe2b979b465a14a58642d8144c1a6ce74594ce5a9ec416442aac5f
-
SHA512
31a9bb9f19c3ba77fb38ffdd898512f8439ef972e9525447e004e8ef88c2082079671ed6ecae0d373628888e098a5b59fa4c9bf0aadc64fa2e5b182a88096aa2
-
SSDEEP
196608:qmdDGXQ+bD/Vmex4LOsr7b/CBoFY+Aqkr:H6gcLVRhWCCFY+N6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/hack.EXE
Files
-
poc.7z.7z
-
CET_TRAINER.CETRAINER
-
hack.EXE.exe windows x86
8d92fa1956a6a631c642190121740197
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathAddBackslashA
PathStripPathA
PathRemoveFileSpecA
kernel32
GetModuleFileNameA
FindResourceA
GetModuleHandleA
SizeofResource
LoadResource
GetTempPathA
CreateDirectoryA
DeleteFileA
CreateFileA
WriteFile
CloseHandle
CreateProcessA
WaitForSingleObject
RemoveDirectoryA
FlushFileBuffers
GetTempFileNameA
GetCurrentThreadId
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
user32
MessageBoxA
advapi32
ConvertStringSecurityDescriptorToSecurityDescriptorA
Sections
.text Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6.6MB - Virtual size: 6.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ