Static task: static1
Behavioral task: behavioral1
Sample: 47fdbd3e3f698aa3a74d5bf61f8b9e2d.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 47fdbd3e3f698aa3a74d5bf61f8b9e2d.exe
Resource: win10v2004-20231222-en
General
Target: 47fdbd3e3f698aa3a74d5bf61f8b9e2d
Size: 92KB
MD5: 47fdbd3e3f698aa3a74d5bf61f8b9e2d
SHA1: 7d2826210822eb409a6aab2b987ea37c2448595f
SHA256: cb61808a85522b488a055a3046dd194ae9e2a2b5f26fc9e5355ad6b44a9a922c
SHA512: 262ee2f95247ec25210942aa2996c40bb704d85b4035d54c94fb5cb03b62d911e631f51c49c88b007fbbee0d4a471ad06df472e45a98d64d2a951a781607d037
SSDEEP: 1536:8ZMvPTNpPcRl+iwZXuHm8ngZmWYycnx5GQDUxHwALEBdthLEpEQ+C301cw59eF1:HhpelaXegZFYxnx0yUJwgydjIcC3OnC1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 47fdbd3e3f698aa3a74d5bf61f8b9e2d
Files
47fdbd3e3f698aa3a74d5bf61f8b9e2d.exe windows:4 windows x86 arch:x86
73020724e434db8a831add1bb4481c25
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
LoadLibraryA
VirtualAlloc
QueryPerformanceCounter
SetThreadAffinityMask
lstrcatA
SetMailslotInfo
lstrcpynA
GetModuleHandleA
ExpandEnvironmentStringsA
GetEnvironmentVariableA
GetCommandLineA
lstrcpyA
GetStringTypeA
LCMapStringW
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
GetProcAddress
MultiByteToWideChar
LCMapStringA
GetStringTypeW
user32
KillTimer
Sections
.text Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ