Static task
static1
Behavioral task
behavioral1
Sample
65196e6b4885dbf4acc413835fa3c105.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
65196e6b4885dbf4acc413835fa3c105.exe
Resource
win10v2004-20231215-en
General
-
Target
65196e6b4885dbf4acc413835fa3c105
-
Size
128KB
-
MD5
65196e6b4885dbf4acc413835fa3c105
-
SHA1
85d62ec3bde386d60f11ec8c84089d159c2a9475
-
SHA256
3e49da22778c9b9e91a445d83ff0bfe7defa6dc142dd5a3ec4b4508a7491d3f5
-
SHA512
21cc27214eed4b9d9a53def72b4929eac9c9ec7e36466c15e1e77a78a64a91aa938fb8f91e1ec3655531f4a75f05280c08dead2a90bf656625d60bcff1591ef5
-
SSDEEP
3072:9MjQbJJFCtQXIh+bdFHMlTw3SiyxXoNy+PvL5:qj0Mh+x1AJXIPj5
Malware Config
Signatures
-
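Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; this sample has none. On its own this is a weak indicator, since many legitimate executables are also unsigned.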
resource 65196e6b4885dbf4acc413835fa3c105
Files
-
65196e6b4885dbf4acc413835fa3c105.exe windows:4 windows x86 arch:x86
de4a8873e87ff6334b7e60a8452b71e4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenProcess
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
DuplicateHandle
GetCurrentProcess
CreateFileA
Sleep
GetVersionExA
WinExec
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA
GetSystemDirectoryA
GetFileAttributesExA
SetFileTime
CloseHandle
LoadLibraryA
GetProcAddress
GetLastError
WriteFile
user32
ShowWindow
CreateWindowExA
DispatchMessageA
GetDesktopWindow
TranslateMessage
GetMessageA
RegisterClassExA
DefWindowProcA
PostQuitMessage
advapi32
StartServiceA
ConvertSidToStringSidA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
CloseServiceHandle
OpenSCManagerA
OpenServiceA
DeleteService
CreateServiceA
LookupAccountNameA
shlwapi
SHDeleteKeyA
SHSetValueA
StrStrA
msvcrt
_exit
_strlwr
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
sprintf
srand
time
fclose
fflush
fwrite
fopen
rand
_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
strstr
_access
_stricmp
_XcptFilter
exit
_acmdln
__getmainargs
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
dbghelp
ImageNtHeader
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ