Static task
static1
Behavioral task
behavioral1
Sample
1b0b5a212351bcf8ac7bf6c991308788.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1b0b5a212351bcf8ac7bf6c991308788.exe
Resource
win10v2004-20231215-en
General
-
Target
1b0b5a212351bcf8ac7bf6c991308788
-
Size
307KB
-
MD5
1b0b5a212351bcf8ac7bf6c991308788
-
SHA1
3efdccd8239d6d99d8b226122b9584657c853d01
-
SHA256
52ed0d44c1a095afa599cfdff00fbecf452828832e3bf4624d76e9db3d3f7c6b
-
SHA512
f0137c4b520b1e529ff0e494db1d044d9e917678a017408a2945b71d6f1d4c7e223649dbfae8524eea35f34d996f1887335772008159e2219314f15a4a354b91
-
SSDEEP
6144:sePzEvtTNThus6KH2/7nCrP97+tD/iOCu5MHFsX38LI:se7EHpc7CA7C8MHGXs
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1b0b5a212351bcf8ac7bf6c991308788
Files
-
1b0b5a212351bcf8ac7bf6c991308788.exe windows:4 windows x86 arch:x86
2247f231481e381f4404c631a2e9632f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReleaseMutex
ReleaseMutex
LoadLibraryW
GetCommandLineW
GetTickCount
GetTickCount
LocalFree
GetLocalTime
GetComputerNameW
GetModuleHandleW
CreateFileA
GetFileAttributesA
FindAtomW
GetDiskFreeSpaceW
lstrcpynA
ResetEvent
HeapCreate
CloseHandle
GetDriveTypeA
ExitThread
user32
CreateWindowExA
GetComboBoxInfo
GetKeyState
EndDialog
CallWindowProcA
FillRect
GetMenu
DestroyCaret
DrawStateA
GetClassInfoA
DispatchMessageA
CloseWindow
GetDlgItem
snmpapi
SnmpTfxQuery
SnmpTfxOpen
SnmpTfxClose
SnmpUtilMemFree
SnmpUtilMemAlloc
modemui
CountryRunOnce
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 344KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 294KB - Virtual size: 294KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ