Static task: static1
Behavioral task: behavioral1
Sample: fdfcf5fb311b74f63ba9ec7a08cc22c4f709ad7bf104634fb378fe0ce7e692af.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: fdfcf5fb311b74f63ba9ec7a08cc22c4f709ad7bf104634fb378fe0ce7e692af.exe
Resource: win10v2004-20231023-en
General
Target: fdfcf5fb311b74f63ba9ec7a08cc22c4f709ad7bf104634fb378fe0ce7e692af
Size: 47KB
MD5: 2a0e2c3677c04db1c1b703dcff21a830
SHA1: 01ae62a69b4caf6c3105549814aa9020b447d14b
SHA256: fdfcf5fb311b74f63ba9ec7a08cc22c4f709ad7bf104634fb378fe0ce7e692af
SHA512: d1da643426ffb155d78ee1994814735e387fdf802788905de6de610f02d295215104334a59c2bae6e0464d7104c4f3d1a491fa4f70f1834a5365cf32d7b6e046
SSDEEP: 768:oxLPYpcOQ/TZta1nuUc7S+o6OE09DDNi+9dINqkhlWEQha:oxLYpW21nuUc7Po6O/pDNLkhrQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fdfcf5fb311b74f63ba9ec7a08cc22c4f709ad7bf104634fb378fe0ce7e692af
Files
fdfcf5fb311b74f63ba9ec7a08cc22c4f709ad7bf104634fb378fe0ce7e692af.exe windows:4 windows x64 arch:x64
f66c805e82a42eed13ada07fd32ebb2e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
ReadFile
WriteFile
GetStdHandle
CreateProcessW
GetConsoleMode
SetEnvironmentVariableW
GetConsoleScreenBufferInfo
CloseHandle
GetLastError
CreatePipe
TerminateThread
CreateFileW
CreateThread
ExitProcess
GetCommandLineW
WriteConsoleW
SetConsoleTextAttribute
OutputDebugStringW
SetConsoleMode
ResetEvent
DuplicateHandle
GetCurrentProcess
FormatMessageW
GetModuleHandleW
LocalFree
SetLastError
FindNextFileW
FindClose
FindFirstFileW
GetEnvironmentVariableW
GetCurrentDirectoryW
GetVersion
GetModuleFileNameW
Sleep
PeekNamedPipe
WaitForMultipleObjectsEx
GetFileType
HeapAlloc
GetProcessHeap
HeapFree
GetSystemDirectoryW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 776B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ