Static task
static1
Behavioral task
behavioral1
Sample
05eff26e055f486ef608e3f56bab962d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
05eff26e055f486ef608e3f56bab962d.exe
Resource
win10v2004-20231215-en
General
Target
05eff26e055f486ef608e3f56bab962d
Size
701KB
MD5
05eff26e055f486ef608e3f56bab962d
SHA1
0a5651d41008ab6c03afad99398693e14b17ee1d
SHA256
5205de2433779f3b7a7fc5d922108f8a8b14894466dd2cddfd5ef59ec53babf6
SHA512
ffee07e3d640a7823d4135fa3a7bd0950d5748df12d55b1b8668aba2ce496bf41cf52d9a4101c3566cdeae11f6818e1330e0020138d8e641af7e940cafe449dc
SSDEEP
12288:y+fJfSFQ/ODphk5YM+TETJeNZg2HwpzI96gC1bwTux+HCWlYHRcmBWo:vflx/w8YM+T8EZVGMcgC1cTuiCtRc4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 05eff26e055f486ef608e3f56bab962d
Files
05eff26e055f486ef608e3f56bab962d.exe windows:4 windows x86 arch:x86
ad878173292741f2106e85196070d829
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
GetVersion
GlobalFree
GetTickCount
LocalFree
CreateEventA
GetCommandLineA
lstrcpyA
GetVersionExA
GlobalAlloc
lstrlenA
LocalAlloc
GetFileSize
lstrcatA
gdi32
GetBkColor
GetTextMetricsA
GetObjectA
ExtTextOutA
GetDeviceCaps
LineTo
GetStockObject
CreateSolidBrush
SelectObject
DeleteObject
SetBkMode
GetTextExtentPoint32A
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 679KB - Virtual size: 680KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 728KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ