Static task
static1
Behavioral task
behavioral1
Sample
37ceb7979932d770fa4e0df47565c14ca28290b38cfbef3ef112564e842a1db5.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
37ceb7979932d770fa4e0df47565c14ca28290b38cfbef3ef112564e842a1db5.exe
Resource
win10v2004-20230915-en
General
-
Target
37ceb7979932d770fa4e0df47565c14ca28290b38cfbef3ef112564e842a1db5
-
Size
274KB
-
MD5
4cc0f3267ab9a62c2ca808493121d505
-
SHA1
a98176a8bf4058b8af56a39432b1c27898176ea3
-
SHA256
37ceb7979932d770fa4e0df47565c14ca28290b38cfbef3ef112564e842a1db5
-
SHA512
c13476fce7f7b821ab4c520db3ca8da75cb80db46ca19cdd0b1e2baf8b48ceffd5ba300df9079f973344cb9cd50f6115ca90b34e83724b0c1b402e26b716a09e
-
SSDEEP
6144:53vNH7G1pYwSig0Vl0v1FdDRKSb0k5JQ6XYKX613ml7wYst:5fNbG1pYwS90T0tFxcSbTi0YKgmlA
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the sample carries none, so code signing gives no assurance of its publisher or integrity.
resource 37ceb7979932d770fa4e0df47565c14ca28290b38cfbef3ef112564e842a1db5
Files
-
37ceb7979932d770fa4e0df47565c14ca28290b38cfbef3ef112564e842a1db5.exe windows:4 windows x86
79c1ce3700eb5535ef1e764f2502eb3a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
user32
GetDC
gdi32
PatBlt
winmm
waveOutOpen
winspool.drv
ClosePrinter
advapi32
RegCloseKey
shell32
ShellExecuteA
ole32
OleInitialize
oleaut32
UnRegisterTypeLi
comctl32
ord17
ws2_32
recv
comdlg32
ChooseColorA
Sections
.ChongZi Size: 264KB - Virtual size: 728KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ChongZi Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE