Static task
static1
Behavioral task
behavioral1
Sample
5f6f5410434773262606755309f6a987.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5f6f5410434773262606755309f6a987.exe
Resource
win10v2004-20231215-en
General
-
Target
5f6f5410434773262606755309f6a987
-
Size
38KB
-
MD5
5f6f5410434773262606755309f6a987
-
SHA1
29b901efa635f7f4e10f5ed35f9faf7927de22c3
-
SHA256
1f70ba8a87d2005878e51f6ca29c99ce62a873f0a6a162facac691b1cc08c212
-
SHA512
e711857bf607d6e30b48bfcfd628336582f903500754d87cce1bd3d9fc3f15a3b09e410b78ce3f153a1e6f326e53487e8ad978ea2ab8e27fa3893361a82eadc9
-
SSDEEP
384:Gt0Cs/2IKcVq7zJCQnFo/R/fqa/1bgExzbMDcxqBY/8VgFeX:dCkVC0QnqTaEiDcxKY/Ts
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5f6f5410434773262606755309f6a987
Files
-
5f6f5410434773262606755309f6a987.exe windows:4 windows x86 arch:x86
2d3e34b9f784ee256713698990aede3a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
�H Size: 5KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�a Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
de Size: 319B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
>U Size: 912B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
' Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE