Static task: static1
Behavioral task: behavioral1
Sample: 3564ec997cfeef6f3503c6617d3d15a7.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3564ec997cfeef6f3503c6617d3d15a7.exe
Resource: win10v2004-20231215-en
General
Target: 3564ec997cfeef6f3503c6617d3d15a7
Size: 200KB
MD5: 3564ec997cfeef6f3503c6617d3d15a7
SHA1: 311a896a87367d42e23b9789b1564e651d433c61
SHA256: e917bbd3049a87310456631773933bfd2d8ed22ae1fcca05bc12f2fd7854eb13
SHA512: 1535c5767343b02de56f4b279aad796988c9a50273e2c85fc8d3fbe9b539c1473319a1804f42ceac57c7a4bafbbd64d1bd37e455b29a5dd2512906fab67795ac
SSDEEP: 3072:M/XA8+LQCNilZJufLouygI6HLlkMftOLB0JjLONfRNDWswzcHtmFJW:M/Z+ECuZJTulyAtOCJOysdmW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3564ec997cfeef6f3503c6617d3d15a7
Files
3564ec997cfeef6f3503c6617d3d15a7.exe windows:4 windows x86 arch:x86
a07fb06533bb419b7b8c08712a8b819b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
kernel32
InitializeCriticalSection
CloseHandle
WaitForMultipleObjects
SetEvent
CreateThread
WaitForSingleObject
ResetEvent
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CompareStringA
CompareStringW
lstrlenA
LocalFree
FormatMessageA
CreateDirectoryA
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
GetShortPathNameA
GetFullPathNameA
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
FindClose
FindFirstFileA
FindNextFileA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
SetFileTime
WriteFile
SetEndOfFile
CreateEventA
GetWindowsDirectoryA
LeaveCriticalSection
EnterCriticalSection
AreFileApisANSI
Sleep
CreateProcessA
SetCurrentDirectoryA
GetModuleFileNameA
GetCommandLineW
SetLastError
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
DeleteCriticalSection
TlsGetValue
GetCPInfo
IsBadCodePtr
GetACP
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetOEMCP
GetStdHandle
GetFileType
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
user32
SendMessageA
DestroyWindow
MessageBoxA
PostMessageA
ShowWindow
GetDlgItem
SetTimer
SetWindowTextA
MessageBoxW
LoadStringA
CharPrevA
CharNextA
DialogBoxParamA
SetWindowLongA
GetWindowLongA
KillTimer
EndDialog
oleaut32
VariantClear
SysAllocString
Sections
.text Size: 87KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ