Static task
static1
Behavioral task
behavioral1
Sample
3c557b2a38f0f9b301289899d546d5b8.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
3c557b2a38f0f9b301289899d546d5b8.exe
Resource
win10v2004-20231215-en
General
-
Target
3c557b2a38f0f9b301289899d546d5b8
-
Size
258KB
-
MD5
3c557b2a38f0f9b301289899d546d5b8
-
SHA1
95366616c65bc693e1148ff3c8918a6243f12818
-
SHA256
d00d64a84b152981491917d85fbb37f7c0437d4c993cf853784a398e7e9126d6
-
SHA512
638e29fff7cddc088565005c5d21c7eaf6f94fc5c271d13429e60c7c81590ca4ea124cfdf7d0b92e8569a43ff87bc256c803f877b2cbe11a9c3adab7e256e034
-
SSDEEP
6144:ToerTIAXJGkD9ERl5Tj2HrrGwzBACNf7xW:ToerXokJERHSHXXz2CxxW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3c557b2a38f0f9b301289899d546d5b8
Files
-
3c557b2a38f0f9b301289899d546d5b8.exe windows:4 windows x86 arch:x86
329f7ddb4e48e57a63acf5d0d05e7cb0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TranslateMessage
GetMessageA
DispatchMessageA
kernel32
GetFileSize
VirtualLock
VirtualAlloc
ReadFile
CloseHandle
CreateFileA
ExitProcess
GetModuleFileNameA
GetModuleHandleA
GlobalAlloc
Sections
.text Size: 1024B - Virtual size: 960B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 414B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 256KB - Virtual size: 255KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE