Static task
static1
General
Target: Lab_01-2.malware
Size: 8KB
MD5: 02658bc9801f98dfdf167accf57f6a36
SHA1: dd3570f117f2996792e4d3bf20a6a0aba6409bcc
SHA256: 8a35842d3f5963f715def0bbd0a53d7ffaae2d2ca79f56a5ac8bede64749d279
SHA512: 0634aff7d3ca412017bdf1954872bcc78345c7bd6acc44d3ebe06c49acd36253a2b05a36e37ef7371c82fcf9eee8c31189b131011cedfbb8c82499f2c4fb3ddb
SSDEEP: 192:Uzy5B0/hiXS65w6gOBnP4oynKWCl8CbW1:Uzyp7w6tB4gWCl8CbW1
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource Lab_01-2.malware
Files
Lab_01-2.malware.exe windows x86
47791490aa2f22e4aca4cb598e98c271
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
WriteFile
CloseHandle
GetWindowsDirectoryA
ReadFile
PeekNamedPipe
CreateProcessA
CreatePipe
wininet
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetQueryOptionA
InternetSetOptionA
InternetCloseHandle
HttpSendRequestA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
InternetReadFile
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__CxxFrameHandler
strstr
strlen
memcpy
??3@YAXPAX@Z
fread
strcmp
sprintf
strrchr
ftell
fseek
fclose
fopen
??2@YAPAXI@Z
fwrite
atoi
strcpy
sscanf
strcat
memset
_exit
_XcptFilter
exit
__p___initenv
_strnicmp
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 580B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ