Static task
static1
Behavioral task
behavioral1
Sample
17eb0929c46b211abfd75c69b95aef2c.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
17eb0929c46b211abfd75c69b95aef2c.exe
Resource
win10v2004-20231222-en
General
Target
17eb0929c46b211abfd75c69b95aef2c
Size
75KB
MD5
17eb0929c46b211abfd75c69b95aef2c
SHA1
36d85b9f3beb6f71d2635c66f72c9f90d36956c4
SHA256
7dda349c2a22b613aa933e439de84815996be8783661da442e06bf68d3643299
SHA512
14d412b3147f5190e92fd5a96ebc0920fc33c5aac644758a90240ce8b3f4d210474459e89db5c7e5aec24a7d7d5a016aecdc5edf89a756ce5f4819e2b8815c52
SSDEEP
1536:aH3nw/vZGY2xum99LVolGVjSDBUDyZhVPNvXwaRdkNpTIiqWe7:W3n8ZGYUulGOB7JVvAaINNZM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 17eb0929c46b211abfd75c69b95aef2c
Files
17eb0929c46b211abfd75c69b95aef2c.exe windows:4 windows x86 arch:x86
8f74ce08a0a60cac03d79fd35656b792
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BeginUpdateResourceA
CallNamedPipeA
FindFirstChangeNotificationA
user32
GetWindowTextLengthA
DialogBoxIndirectParamW
gdi32
GetGlyphOutlineA
CreateFontIndirectA
GetEnhMetaFileDescriptionA
GetObjectA
Sections
.rdata Size: 68KB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.SHARE Size: 1024B - Virtual size: 860B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data? Size: 512B - Virtual size: 415B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ