Static task
static1
Behavioral task
behavioral1
Sample
62fe5d5e72399236aafaf877d9ebb0c7201e99393cbb784a585b3d365283eb74.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
62fe5d5e72399236aafaf877d9ebb0c7201e99393cbb784a585b3d365283eb74.exe
Resource
win10v2004-20231023-en
General
Target
62fe5d5e72399236aafaf877d9ebb0c7201e99393cbb784a585b3d365283eb74
Size
999KB
MD5
f9a158caa2eae9ffc62214fca509432d
SHA1
eefa8ee1ed70d19878fb163a6225867f2274b2ce
SHA256
62fe5d5e72399236aafaf877d9ebb0c7201e99393cbb784a585b3d365283eb74
SHA512
d2c6a87cbd0a676250815f4d611f61e05302a99fe61da6d79d39fafbb618adc91034524a87f2e7ec5cc8aae1ae21b86af94db336dce433d562d44f2401fc86ff
SSDEEP
12288:qoHCHNqiiiyuuD7HZN8omV2SncDRZcsIXzLNqcD5Mq9GMW:rXjHv8omVLcDRZcsIXzRp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 62fe5d5e72399236aafaf877d9ebb0c7201e99393cbb784a585b3d365283eb74
Files
62fe5d5e72399236aafaf877d9ebb0c7201e99393cbb784a585b3d365283eb74.exe windows:6 windows x86 arch:x86
90dae48780c240529a18a1d657e75a4a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
hid
HidP_GetCaps
HidD_SetOutputReport
HidD_GetInputReport
HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetAttributes
HidD_GetHidGuid
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
kernel32
CloseHandle
CancelIo
ResetEvent
WaitForSingleObject
GetLastError
Sleep
CreateThread
GetTickCount
FreeResource
LoadResource
LockResource
SizeofResource
lstrcmpiA
FindResourceA
DeviceIoControl
GlobalAlloc
GlobalFree
WideCharToMultiByte
DecodePointer
ReadConsoleW
SetEndOfFile
SetFilePointerEx
CreateFileW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapQueryInformation
HeapSize
HeapReAlloc
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
OutputDebugStringA
ReadFile
CreateFileA
GetDateFormatW
SetEnvironmentVariableW
SetEnvironmentVariableA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
FreeEnvironmentStringsW
GetModuleHandleW
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
RtlUnwind
GetModuleFileNameW
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
GetModuleHandleExW
GetStdHandle
WriteFile
ExitProcess
GetACP
HeapValidate
GetSystemInfo
GetCurrentThread
GetFileType
GetStringTypeW
OutputDebugStringW
WriteConsoleW
WaitForSingleObjectEx
SetConsoleCtrlHandler
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
GetStartupInfoW
user32
LoadIconA
EnumChildWindows
GetParent
GetWindowLongA
GetSysColorBrush
MessageBoxA
wsprintfA
EnableWindow
SendDlgItemMessageA
GetDlgItem
EndDialog
DialogBoxParamA
ShowWindow
IsWindow
UnregisterDeviceNotification
RegisterDeviceNotificationA
SendMessageA
SetWindowTextA
gdi32
SetTextColor
CreateFontIndirectA
SetBkMode
comdlg32
GetOpenFileNameA
advapi32
SystemFunction036
Sections
.text Size: 752KB - Virtual size: 752KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 158KB - Virtual size: 157KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.00cfg Size: 512B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 50KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ