Static task
static1
Behavioral task
behavioral1
Sample
setup-lightshot.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
setup-lightshot.exe
Resource
win10v2004-20230915-en
General
-
Target
setup-lightshot.exe
-
Size
5.7MB
-
MD5
416c97ae7efb1385cf83a5fd277e68ee
-
SHA1
db0f6e1076b33662cab852581ac377510f81e025
-
SHA256
d24dd24f10b686aa77ac1626cd919401418af32f533be42b73c88d7da2e267cd
-
SHA512
31b0653ce90c66da3f40b4df866f756a97e8ebd9e9313b1a7d5ac4d4838582875170b350393da8cb44b4cd21fb9833935cf2142dd02aac883c4cca6b6f64dc2e
-
SSDEEP
12288:qxOf+xCKMW8KIpIBkK1B2X8XV5Znznh2PTWdl0s44aOIgwh60sIwpqM0B9:afkBIgPCdldsP
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource setup-lightshot.exe
Files
-
setup-lightshot.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 432KB - Virtual size: 431KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ