Static task
static1
Behavioral task
behavioral1
Sample
Keyboard Makro.exe
Resource
win7-20230712-en
General
-
Target
Keyboard Makro.exe
-
Size
14KB
-
MD5
74f7a78e7e7b9968db9566266f08c7be
-
SHA1
d526c6ff95a853d4417355073a50050a068145a3
-
SHA256
e7469e71c8fd6f7ca3ab528de2ae91df3e5cb83149849355b72d9195f3665b7b
-
SHA512
4d8e181e3d44bfbafe2ab5321008cb45359684cb38e6c577e1e0cede91d2378073163bf6f796d28fd8c7afabe71c1d7dc2533a2c14b838bc7c509bca5714923f
-
SSDEEP
384:OAl1fY+M0K0xF4hDtfdcT0IjwR02yESD0/nAidVf+OrNqR:OPF9w+M0/AyV
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Keyboard Makro.exe
Files
-
Keyboard Makro.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ