Static task
static1
Behavioral task
behavioral1
Sample
64919ac5524070e8f4bd3051721cadae.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
64919ac5524070e8f4bd3051721cadae.exe
Resource
win10v2004-20231215-en
General
-
Target
64919ac5524070e8f4bd3051721cadae
-
Size
2.3MB
-
MD5
64919ac5524070e8f4bd3051721cadae
-
SHA1
e445463394de5fde4e74b4cf74024642a363cafb
-
SHA256
e484b409727e3d72fc492f301d24c58a8533cafed6328949c62d92331cf34be8
-
SHA512
31121c0cf5391456ad503e08d4607c531ed459dbc4bb06fe2d970f5b9fc197f6e725704820242ca3dc4705c134f8a063be53c3bb367a14be2d1819bb3670cb21
-
SSDEEP
49152:x9unnFqp+gt3VyGKTbuvdG1QKPV7vVDlnFslIsdP2:x8nFg+gtEWUVNDlnFwj
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64919ac5524070e8f4bd3051721cadae
Files
-
64919ac5524070e8f4bd3051721cadae.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
xu7-*, Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ