Static task: static1
Behavioral task: behavioral1
Sample: 5eb8a37d57af0cec0327de664dcfe86c.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 5eb8a37d57af0cec0327de664dcfe86c.exe
Resource: win10v2004-20231215-en
General
Target: 5eb8a37d57af0cec0327de664dcfe86c
Size: 101KB
MD5: 5eb8a37d57af0cec0327de664dcfe86c
SHA1: 647d7be22a6cabeef79a6bce5d016467e8ef1032
SHA256: 677f9af4c59b820cdb29095f1498f17eaddd21a8e553121286674c3847ef7888
SHA512: cd1d9bf72d1f4ed46185cb86e4feaa3bfa83a15898742bb8dc5facf316480ec2b2cbc8ecd4bc1be60bec881985e71dbf2e1f1b314abe69c00c014f488eecb666
SSDEEP: 192:9tNGvNRwxjBmEHGPf+Jmd1HxRK7+aVuVsUyowJL/8Qpkqs1ISSxC+ebCf3ETq:Z7JafiahK7+a85YJLu1gx0bCN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5eb8a37d57af0cec0327de664dcfe86c
Files
5eb8a37d57af0cec0327de664dcfe86c.exe windows:4 windows x86 arch:x86
d5c4dbfbb659f9d58d073fdbb0dc174a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSection
DeleteCriticalSection
DebugBreak
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
lstrlenA
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryExA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
GetModuleHandleA
LockResource
LoadResource
FindResourceA
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 634B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 421B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE