Static task
static1
Behavioral task
behavioral1
Sample
34fd1859ea157faa915b953695a4109b.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
34fd1859ea157faa915b953695a4109b.exe
Resource
win10v2004-20231201-en
General
-
Target
34fd1859ea157faa915b953695a4109b
-
Size
307KB
-
MD5
34fd1859ea157faa915b953695a4109b
-
SHA1
d05648a9345f116facd8a459a70fceae05170bde
-
SHA256
19627dbc033b0ea6854aaa46f1356b12363122e5ed89c74fd3b7f5901cd0730f
-
SHA512
194ae461e6027bf0be985a4a08db3914fa9643ad5992042a7cd6ac040859e5373f0e784526af54e3095c660484a6010f3d5b67c36db2b1bf2d2d0bd975470f6b
-
SSDEEP
6144:utnuznqTEC6wbi6m0WauK9CqxlLc5Wd8dwjdJ1NxuNY36taslKXGdCZE/csH5o4J:utUqTdVVWamqxlLc5Wd8dwjdJ1NxuNY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34fd1859ea157faa915b953695a4109b
Files
-
34fd1859ea157faa915b953695a4109b.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
xiAKA Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 210KB - Virtual size: 210KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ