Static task: static1
Behavioral task: behavioral1
  Sample: b1a9c840defddb3597f820bb9966bfc3.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: b1a9c840defddb3597f820bb9966bfc3.exe
  Resource: win10v2004-20231215-en
General
Target: b1a9c840defddb3597f820bb9966bfc3
Size: 87KB
MD5: b1a9c840defddb3597f820bb9966bfc3
SHA1: 69a87940e90bd88c01874f719059c975f4beb0db
SHA256: 2d185f3c91f8738cd265f024528a068b9646c567a086c33641918f5b26944e08
SHA512: bb9f43a1a31945dde16f2e24c7b3eed7b3e1966c913585831480ee0959cb88df842c56c579c8d9ffc5540ba5fc1bf9eb0dc93e7f4edfb08f01b00dd6bfc944d5
SSDEEP: 1536:tmbn1H9D+u+9spgfYJlVpmySyjn2p3Qy0ThKLz35AvL9wN0bIS+:tmL1Eu+ajpmyXn2GyWTD9hIS+
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: b1a9c840defddb3597f820bb9966bfc3
Files
b1a9c840defddb3597f820bb9966bfc3.exe windows:4 windows x86 arch:x86
0433a106b4a8a330f166ebe889e8d6ed
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalHandle
SetConsoleNlsMode
RtlMoveMemory
VerifyConsoleIoHandle
EnumLanguageGroupLocalesW
CreateProcessW
LocalUnlock
IsDebuggerPresent
SetFileValidData
ValidateLocale
GetConsoleCP
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 72KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE