Static task: static1
Behavioral task: behavioral1
Sample: 34d38fb44e212349ad7808c67636bef1.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 34d38fb44e212349ad7808c67636bef1.exe
Resource: win10v2004-20231215-en
General
Target: 34d38fb44e212349ad7808c67636bef1
Size: 41KB
MD5: 34d38fb44e212349ad7808c67636bef1
SHA1: 966c0362237ac330131147b710238c3e1f973424
SHA256: e206cc75286665013fc3adcd111a087d3e043157fcdd83888354b30cdf1e59cb
SHA512: 8ff006ebb900f2957469a5978124e169dd53f6a833fb261bd83cf54714eda7220f8f54048bd910830d1363f2999860221879dea2f83b4121e1004f0b36e95645
SSDEEP: 192:zv22vnAnIa+//ICbePtKrvyxYRIqKhgiMHYMRg:z+2vnAnl+//IQsosqHYMy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34d38fb44e212349ad7808c67636bef1
Files
34d38fb44e212349ad7808c67636bef1.exe windows:4 windows x86 arch:x86
70afbc43974f3e0fdf922df093615187
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
DeleteFileA
SetFileAttributesA
GetLocalTime
GetCurrentProcess
Process32Next
OpenProcess
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetCurrentThread
GetVersionExA
Module32First
GetFileSize
GetWindowsDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetFullPathNameA
CloseHandle
ReadFile
SetFilePointer
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
Sleep
SetLastError
GetLastError
WriteFile
advapi32
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
imagehlp
MapFileAndCheckSumA
msvcrt
_getch
_itoa
??3@YAXPAX@Z
??2@YAPAXI@Z
printf
__CxxFrameHandler
__dllonexit
_onexit
strncmp
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE