Static task: static1
Behavioral task: behavioral1
Sample: 15338185f2edc42b6ba7ef2a16c3cf90.exe
Resource: win7-20231215-en
General
Target: 15338185f2edc42b6ba7ef2a16c3cf90.exe
Size: 3.1MB
MD5: 15338185f2edc42b6ba7ef2a16c3cf90
SHA1: 9141a5deba487ef7b33b9795b7744621f2a3550c
SHA256: 8b797d5eb755101fbe821f125cfef241be994de6dd063b4e19216d8c545a87c4
SHA512: ddafc81789a295b5c69fcb2e69a0124681db27be76fa545d55f2556e2e3729a717dd76950f4f60ca4341575ecbe9f16e1b8b9d3a2cb75d958201c2de329dfbf1
SSDEEP: 49152:aze8wAG8JM9gqjBg6O+s/R82KSvUOGJyDfKnMkUUBa2OBNDKHUnO4HBT:2NhPiBg6Of/R82KS0hnMkU52OBgHLC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 15338185f2edc42b6ba7ef2a16c3cf90.exe
Files
15338185f2edc42b6ba7ef2a16c3cf90.exe.exe windows:6 windows x86 arch:x86
6ea02e00483c90b3f210e2d517ab619a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
user32
GetSystemMetrics
gdi32
CreateCompatibleBitmap
advapi32
RegCloseKey
shell32
SHGetFolderPathA
wininet
HttpOpenRequestA
gdiplus
GdiplusStartup
ws2_32
closesocket
Sections
.MPRESS1 Size: 3.0MB - Virtual size: 5.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE