Static task
static1
Behavioral task
behavioral1
Sample
824f68360c5cf8ed9e13c6fe00051e3950b32e8194e1301d549aad3aca28df8a.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
824f68360c5cf8ed9e13c6fe00051e3950b32e8194e1301d549aad3aca28df8a.exe
Resource
win10v2004-20230915-en
General
-
Target
824f68360c5cf8ed9e13c6fe00051e3950b32e8194e1301d549aad3aca28df8a
-
Size
9.3MB
-
MD5
42bdc10f7daa36843d876dd6b8980bf3
-
SHA1
0a4056c1bfdc4a6d9e445220a1ddbe59d441ceeb
-
SHA256
824f68360c5cf8ed9e13c6fe00051e3950b32e8194e1301d549aad3aca28df8a
-
SHA512
fe179952db31e8398ce733fed8e18c85f1a8c6cddd734bd1133c275a9f53b85b90b6e886e83f53c819691ce0a162996cbbca9e67b225191f8cf9b9b03200ba9f
-
SSDEEP
196608:JkSSDU8Nps/1PgvyyLmXg5/3yBZEs+uVWrzroVc1L:JI8/1YoYykvzQcl
Malware Config
Signatures
-
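Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. A missing signature is a weak indicator on its own, since many legitimate executables are unsigned. Weigh it together with the other static findings on this page, such as the .text section being both writable and executable.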
resource 824f68360c5cf8ed9e13c6fe00051e3950b32e8194e1301d549aad3aca28df8a
Files
-
824f68360c5cf8ed9e13c6fe00051e3950b32e8194e1301d549aad3aca28df8a.exe windows:5 windows x86
1db614cd396dbf9600010feacaf6c3a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
IsRectEmpty
msimg32
AlphaBlend
shlwapi
PathStripToRootA
uxtheme
CloseThemeData
winmm
PlaySoundA
gdiplus
GdipCreateFromHDC
oleacc
LresultFromObject
imm32
ImmGetContext
gdi32
GetObjectType
winspool.drv
DocumentPropertiesA
advapi32
RegCloseKey
shell32
DragQueryFileA
ole32
RevokeDragDrop
oleaut32
VariantClear
Sections
.text Size: 9.3MB - Virtual size: 12.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE