Static task
static1
Behavioral task
behavioral1
Sample
36754c17de5c603ffb1050a9ab0fad68b73f35d620cae038c00ead2a92ea0997.exe
Resource
win7-20230712-en
General
-
Target
36754c17de5c603ffb1050a9ab0fad68b73f35d620cae038c00ead2a92ea0997
-
Size
649KB
-
MD5
de5fdea1407c91cb5588e8a6215eb407
-
SHA1
8fcae865a803fb1a9156bc744fc7dfa08a3d45a5
-
SHA256
36754c17de5c603ffb1050a9ab0fad68b73f35d620cae038c00ead2a92ea0997
-
SHA512
1279e38a5063b901ad83a0ee000529ec502ab6c034a0d91e76e6da4bafcad615ce702755a93d0cc1b7742c5d642e57a054b41db7ccdebc8191d42e53a25a99ad
-
SSDEEP
12288:MfmFUNwsN+ze8CyMLuvcfQvNvAeQ6jWIEWqxxxxxxxxxxxxxxxxxxCxxxxxxxxxR:Mfs8wlzekX1Q6jWXWqxxxxxxxxxxxxxM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
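Checks for a missing Authenticode signature: the file is unsigned, so its publisher and integrity cannot be verified from a signature. Many legitimate binaries are also unsigned, so treat this finding as weak on its own.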
resource 36754c17de5c603ffb1050a9ab0fad68b73f35d620cae038c00ead2a92ea0997
Files
-
36754c17de5c603ffb1050a9ab0fad68b73f35d620cae038c00ead2a92ea0997.exe windows x86
91c2141c1015cc522bfdbb122dbb0cc7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
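Imports (only one or two functions per DLL, including GetModuleHandleA and GetProcAddress from kernel32; this is typical of a packer stub that resolves the real imports at run time, so the list below likely does not describe what the unpacked program can do)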
kernel32
GetModuleHandleA
GetProcAddress
msvcp140
?_Xbad_alloc@std@@YAXXZ
vcruntime140
memset
api-ms-win-crt-runtime-l1-1-0
exit
api-ms-win-crt-heap-l1-1-0
free
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-convert-l1-1-0
strtol
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-stdio-l1-1-0
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
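.MPRESS1 Size: 281KB - Virtual size: 4.2MB (the section names .MPRESS1/.MPRESS2 match the defaults of the MPRESS packer; a virtual size far above the raw size, together with the read/write/execute flags below, is consistent with code being unpacked into this section at run time)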
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 363KB - Virtual size: 362KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE