Static task: static1
Behavioral task: behavioral1
Sample: 0271227f866f0d2e4ceda9ad7f5a3e11.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0271227f866f0d2e4ceda9ad7f5a3e11.exe
Resource: win10v2004-20231215-en
General
Target: 0271227f866f0d2e4ceda9ad7f5a3e11
Size: 234KB
MD5: 0271227f866f0d2e4ceda9ad7f5a3e11
SHA1: 6fc488a87827cce543d9f34656b14902dbe357f3
SHA256: 13c825bb1ca0ccdeefedf95ddc295a4eb7805f34b1e755d630aa81268a12ab01
SHA512: 2b35775d78f7e2d2435b1b6c03f175add56d3608f15b9f438416e7fa49fa9a3428105b58ac59ec3c76075450e30c99c936a888f583bd60268c93aa26fb38f594
SSDEEP: 6144:XvHJDvBDFShDKv8f5emQ3CcqNr9eEGeRHtdLDKih:fpDvBDFeDKkfE3Cp19eE/NJKi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0271227f866f0d2e4ceda9ad7f5a3e11
Files
0271227f866f0d2e4ceda9ad7f5a3e11.exe windows:4 windows x86 arch:x86
dcaeaf7122583994049131cf7283bc9d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoReleaseMarshalData
CLSIDFromProgID
kernel32
GetModuleHandleA
DeleteFileA
GetCommandLineW
IsBadReadPtr
lstrlenA
GetACP
LockResource
LoadLibraryA
GetModuleHandleW
GetVersion
ExitProcess
GetThreadLocale
GetLastError
GetTickCount
GetProcAddress
GetCommandLineA
LoadLibraryExA
VirtualAllocEx
GetStringTypeA
advapi32
RegOpenKeyA
RegQueryValueExA
Sections
CODE Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 530B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ