Static task: static1
Behavioral task: behavioral1
Sample: 106e3d8a593aa422522d53d1e2bcd2f8.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 106e3d8a593aa422522d53d1e2bcd2f8.exe
Resource: win10v2004-20231222-en
General
Target: 106e3d8a593aa422522d53d1e2bcd2f8
Size: 267KB
MD5: 106e3d8a593aa422522d53d1e2bcd2f8
SHA1: cb418da05c0642222a98886272a9e33b3a49b618
SHA256: 45abb256f32677395a2ad3a8e2fc458578320171716262b9e766c9b03f957550
SHA512: 1f702fc36c41923bba34347df3a70f0201381dca7ae9a045850117a9613e5728d4bfad25ff3b804e7f53584e8971afb5fa25820b9acc0237c05bfa0fdebf29af
SSDEEP: 6144:n85mNWJAn44mTQQcrXZ+RwmBpOoffttYE+1cpYp:k/TQQcrX0Rwm3BF7dp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 106e3d8a593aa422522d53d1e2bcd2f8
Files
106e3d8a593aa422522d53d1e2bcd2f8.exe windows:4 windows x86 arch:x86
3db7aeed7cf9a65c38001de44f39e2d5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
HeapAlloc
HeapCreate
SetLastError
TlsAlloc
QueryPerformanceCounter
HeapReAlloc
VirtualFree
GetCurrentProcessId
IsBadWritePtr
EnumSystemLanguageGroupsW
HeapDestroy
GetWriteWatch
VirtualAlloc
GetSystemTimeAsFileTime
VirtualQuery
TlsFree
oleacc
CreateStdAccessibleObject
AccessibleChildren
shlwapi
PathAddBackslashW
user32
DestroyIcon
SetWindowTextA
LoadImageA
CreateWindowExA
GetDlgItem
GetWindow
LoadStringA
GetParent
winmm
mciSendCommandA
shell32
SHChangeNotify
SHGetMalloc
SHGetPathFromIDListW
Sections
.text Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 195KB - Virtual size: 195KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ