Static task: static1
Behavioral task: behavioral1
Sample: 59525a4f95bbb4c3c11ff1a698db12e4.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 59525a4f95bbb4c3c11ff1a698db12e4.exe
Resource: win10v2004-20231222-en
General
Target: 59525a4f95bbb4c3c11ff1a698db12e4
Size: 2.9MB
MD5: 59525a4f95bbb4c3c11ff1a698db12e4
SHA1: 96a41d518b45bc9c3d3e2a405653814e060263fe
SHA256: 3f25660dca7a661b855f615500c8ddb9c78d41d292b4287b0d40d072a2b9a08b
SHA512: bd918c1a9ad8d9b70cfdf2478bd67cc970eae673f6b5b5fe3f14858763ae180971fc6c5a8d711493262569e1226aa0a49785fa67d05835e4a336dc0088a01e68
SSDEEP: 49152:HmdljNU3c/2xo9d8MbTd2dyDID4nw3Vx3PPGEg7zS2LO:HmzjNUe2ivxTd2yDID4e3nKW2LO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 59525a4f95bbb4c3c11ff1a698db12e4
Files
59525a4f95bbb4c3c11ff1a698db12e4.exe windows:4 windows x86 arch:x86
f8711bae9c574c2fbc062d43731fe05e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFileEx
WriteFileEx
VirtualAllocEx
CreateTimerQueueTimer
DeleteTimerQueueEx
GetTimeFormatA
user32
ShowWindow
IsCharUpperA
authz
AuthzInitializeContextFromAuthzContext
Sections
.text Size: 738KB - Virtual size: 738KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 439KB - Virtual size: 438KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 98KB - Virtual size: 436KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 380B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 68B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ