Static task: static1
Behavioral task: behavioral1
Sample: 09222dcab9167f4a748c4d3e457aa31c.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 09222dcab9167f4a748c4d3e457aa31c.exe
Resource: win10v2004-20231215-en
General
Target: 09222dcab9167f4a748c4d3e457aa31c
Size: 32KB
MD5: 09222dcab9167f4a748c4d3e457aa31c
SHA1: bcac93f663dae855af7305bf3528d8fcbd513fa8
SHA256: caadc15e19e5784d06d6b488a5b2a98e2f4832d1c4381a73d1b28c0072175b18
SHA512: 8335485dafe5176dcea1aeb531716d992d7a330402efdaac7b34a9c3102a5dfdaa99a287d38380ffbe1393f0207acb91bc653190ffc5d28301c956f7cc847533
SSDEEP: 768:sccccccccccccccccccccccKcccccccccccccccccccccc0ccccccccccccccccD:sccccccccccccccccccccccKcccccccD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 09222dcab9167f4a748c4d3e457aa31c
Files
09222dcab9167f4a748c4d3e457aa31c.exe windows:4 windows x86 arch:x86
73b86b23369f588f7fa28ceebd9f9a0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Process32Next
TerminateProcess
OpenProcess
GetModuleFileNameA
OpenEventA
SetEvent
Sleep
DeleteFileA
GetCurrentProcess
CloseHandle
GetModuleHandleW
GetProcAddress
CompareStringA
lstrcpyA
CreateToolhelp32Snapshot
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap
GetShortPathNameA
GetEnvironmentVariableA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
lstrcatA
Process32First
user32
MessageBoxA
ExitWindowsEx
wsprintfA
IsZoomed
GetWindowTextLengthA
advapi32
RegEnumKeyA
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
shell32
ShellExecuteExA
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 852B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE