Static task
static1
Behavioral task
behavioral1
Sample
1e2d3ec796c93257257077ecfb29915b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1e2d3ec796c93257257077ecfb29915b.exe
Resource
win10v2004-20231215-en
General
Target
1e2d3ec796c93257257077ecfb29915b
Size
768KB
MD5
1e2d3ec796c93257257077ecfb29915b
SHA1
7e9bad5253b08ae2639c4d7127f9175aa0337628
SHA256
9e56d44f12d3d08688a3c69f9bf05028c02e5a8ed2b672578385fc071ede85e9
SHA512
82ab1da756e8609b1b050752bc7895e0cc05105bf3f390f1cb7a54b2bbb510db7dfbc835d9101419e1f2a5de06c0dba69743f0d1a33e6c4ab043a39767c7a521
SSDEEP
24576:bkSLOm8N3hVh5Tt+g5C80vhrooOUxuewm:bk1xV5fC8AhJOUU4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1e2d3ec796c93257257077ecfb29915b
Files
1e2d3ec796c93257257077ecfb29915b.exe windows:4 windows x86 arch:x86
59e52cc866255748d3392867c4b61530
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
ReleaseMutex
RemoveDirectoryW
GetStdHandle
OpenEventW
RemoveDirectoryW
FatalExit
HeapSize
CreateFileMappingW
ReleaseSemaphore
ReleaseSemaphore
GetFileSize
HeapDestroy
LoadLibraryA
DeleteFileA
GetCommandLineW
CreateMutexA
VirtualProtect
MapViewOfFile
GetVersion
SetLastError
CreateDirectoryW
CreateFileA
GetStartupInfoA
lstrlenA
cryptui
CryptUIStartCertMgr
CryptUIDlgViewContext
WizardFree
CryptUIWizBuildCTL
CryptUIDlgFreeCAContext
DllRegisterServer
WizardFree
DllUnregisterServer
CryptUIWizExport
LocalEnroll
CryptUIWizDigitalSign
CryptUIWizImport
LocalEnrollNoDS
iernonce
RunOnceExProcess
RunOnceExProcess
InitCallback
InitCallback
Sections
.text Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 760KB - Virtual size: 760KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE