Static task
static1
Behavioral task
behavioral1
Sample
53b5d0397777ff7b544a1f75739588fe449a2d6d2f4d4f4bb4d51228caa060ce.exe
Resource
win7-20230824-en
Behavioral task
behavioral2
Sample
53b5d0397777ff7b544a1f75739588fe449a2d6d2f4d4f4bb4d51228caa060ce.exe
Resource
win10v2004-20230703-en
General
Target
53b5d0397777ff7b544a1f75739588fe449a2d6d2f4d4f4bb4d51228caa060ce.zip
Size
133KB
MD5
6b2e4f5b4ddcbeced5a39669a77fc649
SHA1
a7783f0f45aebebd57d85de3e0fa608f812085e6
SHA256
2622cd891ff6151e1c9bb5af31b691c6e91d58d30e2d0446ecd9aabbb0f12d0d
SHA512
0c74dacd5f7ca210bd7bc7a6c9e360bb559b39dfb3124f7216f681b93be7addef1ca166ad6334b50f8aff4aa033c20cd440b6487215d8391f416686ba00fab5b
SSDEEP
3072:7kJtGjKopaf3GC5vdmgmNw6xriCH9rVbQ9XOqnEwh:7kypaf3GbNw+i01+XDEwh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/53b5d0397777ff7b544a1f75739588fe449a2d6d2f4d4f4bb4d51228caa060ce
Files
53b5d0397777ff7b544a1f75739588fe449a2d6d2f4d4f4bb4d51228caa060ce.zip.zip
Password: threatbook
53b5d0397777ff7b544a1f75739588fe449a2d6d2f4d4f4bb4d51228caa060ce.exe windows x86
Password: threatbook
2490ef86265b304a338209e0de814c6a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
CompareStringA
SetConsoleMode
SetThreadLocale
OpenMutexW
GetModuleHandleW
OpenMutexA
HeapAlloc
HeapCreate
LoadLibraryA
CopyFileW
CompareStringW
GetACP
GetCurrentProcessId
CloseHandle
ReadFile
GetFileSize
DosDateTimeToFileTime
CreateFileA
GetModuleFileNameA
DuplicateHandle
GetCurrentThreadId
DeleteFileW
GetFileAttributesA
GetFileType
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetConsoleCtrlHandler
GetLastError
GetProcAddress
GetOEMCP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
WaitForSingleObject
SetLocaleInfoW
DeleteFileA
SetLocaleInfoA
GetModuleHandleA
WriteFile
VirtualFree
HeapDestroy
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
RaiseException
HeapReAlloc
TerminateProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
SetEnvironmentVariableA
user32
IsWindowEnabled
CreateWindowExA
FindWindowExW
ShowWindow
OpenIcon
GetWindowTextLengthA
DeleteMenu
IsWindow
GetWindowTextLengthW
GetWindowTextW
IsZoomed
FindWindowExA
CreateWindowExW
FindWindowW
gdi32
CreateSolidBrush
advapi32
AddAccessDeniedAce
AddAccessAllowedAce
oleaut32
SysAllocStringByteLen
GetErrorInfo
Sections
.text Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ