Static task
static1
Behavioral task
behavioral1
Sample
tmpf1uhap3c.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
tmpf1uhap3c.exe
Resource
win10v2004-20231127-en
General
-
Target
tmpf1uhap3c
-
Size
893KB
-
MD5
efb3dbc98a7974b96d5b7d520daf7bdc
-
SHA1
b700166cbe9f33206f7c35e96c0a1f0482a01368
-
SHA256
2c76e1c69745332a74f8bf2a9750b20d6b331af1d54550f94a03dfb475ac655e
-
SHA512
8ff20b8cf0dc11eca1835ae2c0993449afe9a258523d7a5d686156bea033037a7fc6d15daf0e96a0fb4a058e06adcf7be369bb46a106d01c46d5ee93d96aa0a3
-
SSDEEP
12288:cBaPwVueH5qX7xEXFXLkwJn4Qqvseieb3teGZM9m37GRpNlAYb28GukXWlfDljip:cwPGqXN0Fkk2LvZM9mID1GuVDRi
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource tmpf1uhap3c
Files
-
tmpf1uhap3c.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 890KB - Virtual size: 889KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ