Static task: static1
Behavioral task: behavioral1
Sample: 49f83fdd2c6626fc9e451f87e26a5a53.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 49f83fdd2c6626fc9e451f87e26a5a53.exe
Resource: win10v2004-20231215-en
General
Target: 49f83fdd2c6626fc9e451f87e26a5a53
Size: 3.4MB
MD5: 49f83fdd2c6626fc9e451f87e26a5a53
SHA1: f7806734d8b6e25f41ff3e08bab0cdaf0de00126
SHA256: 092bbaed5787e37d60475b17e74deb70a3a3d4022fa696c8cf0a2a8b6c3b4ad2
SHA512: 929d7f8ab1a9f8c5b77599368976df311ecdb5697c06cf540f0fb183b6a353751505b81680723f44ad149fafea1b6ca1558344834010ffbe7b0db91d8d0fcb9b
SSDEEP: 98304:5q+BFk/j3MSoWyjNbiOTiyRNZJt13k3/6:xB67MSoWyjcwjJt13E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 49f83fdd2c6626fc9e451f87e26a5a53
Files
49f83fdd2c6626fc9e451f87e26a5a53.exe windows:4 windows x86 arch:x86
14bd49a80b70e480627398feda4fecd6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
GetCurrentProcessId
GetModuleHandleW
QueryPerformanceCounter
GetProcAddress
CloseHandle
TerminateProcess
Sleep
FreeLibrary
SetLastError
LocalFree
LeaveCriticalSection
WriteFile
WaitForSingleObject
GetModuleFileNameW
GetStdHandle
GetStartupInfoW
IsDebuggerPresent
GetCommandLineW
ReadFile
RaiseException
GetFileType
GetModuleHandleA
HeapReAlloc
GetConsoleMode
FlushFileBuffers
TlsAlloc
HeapSize
WriteConsoleW
LoadLibraryW
LoadLibraryExW
CreateThread
SetFilePointer
CompareStringW
GetStringTypeW
RtlUnwind
GetModuleFileNameA
GetEnvironmentStringsW
SetStdHandle
IsProcessorFeaturePresent
DeleteFileW
VirtualAlloc
GetCommandLineA
CreateFileA
GetFileSize
EncodePointer
VirtualFree
GetModuleHandleExW
GetFullPathNameW
LoadResource
UnmapViewOfFile
GetExitCodeProcess
ExpandEnvironmentStringsW
user32
DispatchMessageW
ReleaseDC
DefWindowProcW
MessageBoxW
CreateWindowExW
SetWindowLongW
GetWindowLongW
GetDlgItem
GetSystemMetrics
GetWindowRect
PostMessageW
SetWindowPos
GetParent
LoadIconW
SetFocus
BeginPaint
ScreenToClient
RegisterClassW
EnableMenuItem
GetKeyState
Sections
.rdata Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 612KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE