Static task
static1
Behavioral task
behavioral1
Sample
8a9ea70fff16d9e342d8aac86f7dd1e93f2719f4f0c779b30bb58aa5a10667d1.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
8a9ea70fff16d9e342d8aac86f7dd1e93f2719f4f0c779b30bb58aa5a10667d1.exe
Resource
win10v2004-20230915-en
General
-
Target
8a9ea70fff16d9e342d8aac86f7dd1e93f2719f4f0c779b30bb58aa5a10667d1
-
Size
9.7MB
-
MD5
5ad6a87d10db443c7f1b610be1aec04f
-
SHA1
0e59249e48101fbf41d735d01ebcad2a23a85c6b
-
SHA256
8a9ea70fff16d9e342d8aac86f7dd1e93f2719f4f0c779b30bb58aa5a10667d1
-
SHA512
89b6ff8df9c46d2d0cdf31cb831ee7e66890b6d0c65ffd8967243ceb3eb0f4396e319d6815734a8a47854ed1ba3fec04313e47561f0361e6d7f5f52145264318
-
SSDEEP
196608:iSeJoC+T4r1lUH6VSYtX+rdxrNYx+B8Qqxp63QRmpS1sfa1mpV1sf9jJy/AIQ+Xw:i+oRG6D+RxrrBd2rP1dy1z5X78
Malware Config
Signatures
-
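Unsigned PE (1 IoC)
Checks for missing Authenticode signature. The sample carries no Authenticode signature. Many legitimate binaries are also unsigned, so this is a weak indicator on its own and should be weighed together with the header, import and section findings below.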
resource 8a9ea70fff16d9e342d8aac86f7dd1e93f2719f4f0c779b30bb58aa5a10667d1
Files
-
8a9ea70fff16d9e342d8aac86f7dd1e93f2719f4f0c779b30bb58aa5a10667d1.exe windows:4 windows x86
432fc55f13f2f44d1365d832cb8bcac4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
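Imports
The import table below is minimal: kernel32 contributes LoadLibraryA, GetProcAddress, VirtualAlloc and VirtualFree, and every other DLL contributes exactly one function. This pattern is consistent with a packed or protected executable that resolves its real imports at run time, so the list (and any import hash derived from it) probably does not reflect the sample's actual API usage; rely on the behavioral tasks for capability assessment.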
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
rasapi32
RasHangUpA
winmm
midiStreamRestart
ws2_32
select
user32
GetClipboardData
gdi32
ExtSelectClipRgn
winspool.drv
OpenPrinterA
advapi32
RegQueryValueA
shell32
SHGetSpecialFolderPathA
ole32
CoGetClassObject
oleaut32
SafeArrayAccessData
comctl32
ImageList_Create
oledlg
ord8
wininet
InternetCanonicalizeUrlA
comdlg32
ChooseColorA
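Sections
Both sections listed below are flagged as code and are readable, writable and executable at the same time, and .text has a virtual size (6.0MB) larger than its raw size (4.3MB). Writable-and-executable sections that grow in memory suggest code is unpacked or modified at run time. The sections account for roughly 4.3MB of the 9.7MB file, so the remainder is presumably data appended after the last section (an overlay) and should be examined separately.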
.text Size: 4.3MB - Virtual size: 6.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE