Static task: static1
Behavioral task: behavioral1
Sample: 2e49619fed842165c70bdb43253eab6f.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2e49619fed842165c70bdb43253eab6f.exe
Resource: win10v2004-20231215-en
General
Target: 2e49619fed842165c70bdb43253eab6f
Size: 16KB
MD5: 2e49619fed842165c70bdb43253eab6f
SHA1: 01f8ce459f84c49d77bb33bfc95938c39c743a6a
SHA256: e5bcde4d7da6fa450055d61f48793ded68dd5b81b8afca5904f91d16289fe8ec
SHA512: 9632ca9bdedc9c0bae2d4516e2b6847e6f42f6c31f3641f2324e2bfe9acc306567c9143ab3780b266f418ac49c67d24ed8f4b8f938b3cf56e6b5488a863c76fe
SSDEEP: 384:UuYfcu3eOnwA/vlXcMSJy2VVd63IRd6Indv:WfcujnwevlTIy2k3IRkI9
Malware Config
Signatures
Unsigned PE: 1 IoC
Checks for missing Authenticode signature.
Resource: 2e49619fed842165c70bdb43253eab6f
Files
2e49619fed842165c70bdb43253eab6f.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 12KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE