Static task
static1
Behavioral task
behavioral1
Sample
196666f003393c99b97b88bbc0f9f1ee.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
196666f003393c99b97b88bbc0f9f1ee.exe
Resource
win10v2004-20231215-en
General
Target
196666f003393c99b97b88bbc0f9f1ee
Size
116KB
MD5
196666f003393c99b97b88bbc0f9f1ee
SHA1
510d53dc63798d04a519e5fd1996ed10bd34a1b0
SHA256
76154fec8b7e7f3149e9101cfe17f477a15c3369bfaa3170fd61e838a33f7066
SHA512
7fd2faedde428adba41028dabdc6842231cb063be9241a069b5f0c6b10d704c0d98c3422d7f5893240ea45be1d9b7fdf42977aae4a8d7c7be77e2382300b345c
SSDEEP
3072:jzQBTD72aqukmTgSzE6to/ONcS7CbvHXR69EMqql:jmP2aqh1SzEHGNsbfXRAEMqK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 196666f003393c99b97b88bbc0f9f1ee
Files
196666f003393c99b97b88bbc0f9f1ee.exe windows:5 windows x86 arch:x86
ffe4252414bc7f414e8ca3c41c95d04a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetActiveWindow
GetWindow
SetFocus
EnumThreadWindows
LoadIconA
SetCursor
GetClientRect
SendDlgItemMessageW
DispatchMessageW
SendMessageA
MessageBeep
GetKeyState
OffsetRect
GetCursorPos
LoadIconW
SetScrollPos
IsDlgButtonChecked
GetMessagePos
DrawIcon
DialogBoxParamW
RegisterWindowMessageW
GetWindowLongW
DestroyMenu
DrawEdge
GetDlgCtrlID
CheckMenuItem
SetPropA
DestroyIcon
SetScrollInfo
IsWindowVisible
IsDialogMessageW
msvcrt
_fileno
??1exception@@UAE@XZ
__p__commode
_onexit
__getmainargs
fclose
iswdigit
strchr
calloc
__set_app_type
exit
kernel32
WriteConsoleW
CreateThread
GetTempFileNameW
HeapCreate
SystemTimeToFileTime
GetProcessHeap
GetCurrentThreadId
SetConsoleCtrlHandler
LeaveCriticalSection
CompareStringW
FindNextFileA
FreeResource
LockResource
LoadLibraryA
WritePrivateProfileStringA
GetOEMCP
GetFileAttributesW
VirtualAlloc
GetCurrentDirectoryW
GetConsoleOutputCP
FindResourceExW
RtlUnwind
TerminateThread
CreateMutexW
GetSystemInfo
IsProcessorFeaturePresent
advapi32
RegQueryInfoKeyA
OpenThreadToken
RegSetValueExW
AdjustTokenPrivileges
GetTokenInformation
IsValidSid
Sections
.text Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data/0x Size: - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ