Static task: static1
Behavioral task: behavioral1
Sample: fykj.exe
Resource: win7-20230824-en
General
Target: b9f8300e939c218192a569230e64ad9345da03a8bddb55619c025a7463d7e20e
Size: 164KB
MD5: cf3cc992f011e27ee25aa8af2b3bab7c
SHA1: 171367bb93640e2b02051ba28822a51976851dfd
SHA256: b9f8300e939c218192a569230e64ad9345da03a8bddb55619c025a7463d7e20e
SHA512: b4cf20c9c72564ed7e7f60e7ab027c2d0d255a775ff8286cfa0fdd996e405585cf4f2caeeff782856a9e0eed7b08ef9c26116917d17c34a11df685ee92918069
SSDEEP: 3072:dS/kD60yEyM56vprX0AKEVJZy0q4YQUlRSDJ5TnlqR/RUSf1fvc:dgT0mMc5XvKEVO/jlIpqrUcs
Malware Config
Signatures
Unsigned PE: 1 IoCs
Checks for missing Authenticode signature.
resource: unpack002/fykj.exe
Files
- b9f8300e939c218192a569230e64ad9345da03a8bddb55619c025a7463d7e20e.rar
- 172.25.32.41病毒源/fykj.rar.rar
- fykj.exe.exe windows x86
46646950e38cdd1519d35c0c539d2b12
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
SetErrorMode
ExitProcess
Sections
.text Size: 64KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
- 172.25.32.41病毒源/rqfhs.rar.rar