Static task
static1
Behavioral task
behavioral1
Sample
3673f6a96d75a390bbc097c8d0358b223245094e9ffe2b5107283fead787b527.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
3673f6a96d75a390bbc097c8d0358b223245094e9ffe2b5107283fead787b527.exe
Resource
win10v2004-20230831-en
General
-
Target
3673f6a96d75a390bbc097c8d0358b223245094e9ffe2b5107283fead787b527
-
Size
713KB
-
MD5
8d44dd41a4c48590d3565dc37b3e1116
-
SHA1
70919a0c89483e4151a0f9de65af47b20577f564
-
SHA256
3673f6a96d75a390bbc097c8d0358b223245094e9ffe2b5107283fead787b527
-
SHA512
9de0696faf36e84833898fb6b72487583d1fd8e975f60f2c86de909b420e9bd4cae877133ab873d3042dcace559480ad28f0e97cc6e4759bae0b944a11e8cd14
-
SSDEEP
12288:NFFzNhgUacAWkSf3salv7m5LbWItbs5GrNOLUh0k2tnpuewfaKyDYdEVk0EG:jFzaccg3l9QtboGATtNwfaKEVVE
Malware Config
Signatures
-
Unsigned PE 1 IoCs
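Checks for a missing Authenticode signature; the resource listed below is unsigned, so its publisher and file integrity are not cryptographically attested.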
resource 3673f6a96d75a390bbc097c8d0358b223245094e9ffe2b5107283fead787b527
Files
-
3673f6a96d75a390bbc097c8d0358b223245094e9ffe2b5107283fead787b527.exe windows x86
a0f8e97d554fe3f9f2bb041742d6f50d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
CreateWindowExA
gdi32
SelectObject
gdiplus
GdipGetImageGraphicsContext
ole32
CoUninitialize
imm32
ImmAssociateContext
shell32
SHAppBarMessage
shlwapi
PathFileExistsA
winmm
PlaySoundA
ws2_32
socket
rasapi32
RasGetConnectStatusA
winspool.drv
OpenPrinterA
advapi32
RegCloseKey
oleaut32
LoadTypeLi
comctl32
ImageList_Add
wininet
InternetCloseHandle
comdlg32
GetFileTitleA
Sections
CODE Size: 699KB - Virtual size: 4.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE