Static task
static1
Behavioral task
behavioral1
Sample
f1ac61c5cccc6e76dd193867004e2c13.exe
Resource
win7-20231215-en
General
-
Target
f1ac61c5cccc6e76dd193867004e2c13
-
Size
919KB
-
MD5
f1ac61c5cccc6e76dd193867004e2c13
-
SHA1
c64243d7b3c61b0a554d47b6d33182fa3b591ee9
-
SHA256
f1932238ebf61f3f07165cb78f22a83432b40cc0da4f1d88a0cdb51089ecdf29
-
SHA512
fc129489620db6c77f835c240c1093ba58c5f0110114db3066b5f0c25a3b00e0505b8822251960abd63c7690a276b917218bd3f4e5d445ed773886fd6bdd46b8
-
SSDEEP
24576:5fFokLbbpT5fA7hwAPAARV91Qb3inEc/Swt:9SkbpT5uhnYo9ybSGi
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource f1ac61c5cccc6e76dd193867004e2c13
Files
-
f1ac61c5cccc6e76dd193867004e2c13.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
}CGVH~ Size: 884KB - Virtual size: 884KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ