Static task
static1
Behavioral task
behavioral1
Sample
363836d71e3bed7147bb78c639b3c55e2b074e06cd1d50c3cbf3cf993a12447e.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
363836d71e3bed7147bb78c639b3c55e2b074e06cd1d50c3cbf3cf993a12447e.exe
Resource
win10v2004-20231023-en
General
Target
363836d71e3bed7147bb78c639b3c55e2b074e06cd1d50c3cbf3cf993a12447e
Size
380KB
MD5
3fb660dc03326047f9e8e9c66a08e60f
SHA1
e9d06d50f338d0d972b598f53fcbac58ecd7c458
SHA256
363836d71e3bed7147bb78c639b3c55e2b074e06cd1d50c3cbf3cf993a12447e
SHA512
8da29df65594e21af9c347c8fbeb02a629c9ed7606a9bbe7d8d82357e20e54e47edaabc07de8710d2da062d7612bc17c47834b2bd80a836a05a4c3580897770b
SSDEEP
6144:ELSEKzLRtQESA8KWtCLcsad0gMGhW4GHn7cQuR:ERs/SA8KWQcsaGJ4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 363836d71e3bed7147bb78c639b3c55e2b074e06cd1d50c3cbf3cf993a12447e
Files
363836d71e3bed7147bb78c639b3c55e2b074e06cd1d50c3cbf3cf993a12447e.exe windows:5 windows x86
c46ec09cd8215d59a72b55d33116b568
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceW
SizeofResource
LoadResource
Sleep
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
CloseHandle
VirtualAlloc
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
WideCharToMultiByte
GetLocaleInfoA
GetLastError
HeapFree
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
user32
EnumChildWindows
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 338KB - Virtual size: 338KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ