Static task: static1
Behavioral task: behavioral1
Sample: 5bffb09476a8554c18e1f472fa22f057.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 5bffb09476a8554c18e1f472fa22f057.exe
Resource: win10v2004-20231215-en
General
Target: 5bffb09476a8554c18e1f472fa22f057
Size: 50KB
MD5: 5bffb09476a8554c18e1f472fa22f057
SHA1: df3a41c44b85c4ab78f86445d43cecc3ecd23400
SHA256: e5b7f9499f355f0ad23141d8d83f9530ab2ba242cc143c9be38b874cf9014532
SHA512: f0b654b7457dab7bfaff6c86b03ee3a12a219c5adb7cfe147b412683e93e117fd81cfca8959763f575bfe79fa3d0c8e7436daf138d61930c8374368d093cfeb7
SSDEEP: 1536:dh6TSMB+/re5napiaVAdduxeA5wXuJnC:dh6LKreUcVdieA5w+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5bffb09476a8554c18e1f472fa22f057
Files
5bffb09476a8554c18e1f472fa22f057.exe windows:3 windows x86 arch:x86
0f8d08f94fe75c5e7dd4d02dac5e2c77
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
DeleteCriticalSection
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetVersionExA
InterlockedCompareExchange
LeaveCriticalSection
LocalFree
QueryPerformanceCounter
user32
CreateWindowExA
DefWindowProcA
DestroyWindow
EnableWindow
EndPaint
GetCapture
GetDesktopWindow
GetKeyboardType
GetParent
GetWindowLongA
IsChild
IsIconic
KillTimer
SetCursor
SetWindowPos
Sections
CODE Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
BSS Size: - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 836B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ