Static task
static1
Behavioral task
behavioral1
Sample
699e083a1d68cc38f14efb5dab7180d9.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
699e083a1d68cc38f14efb5dab7180d9.exe
Resource
win10v2004-20231215-en
General
-
Target
699e083a1d68cc38f14efb5dab7180d9
-
Size
210KB
-
MD5
699e083a1d68cc38f14efb5dab7180d9
-
SHA1
737017e80dfbedf1de7a06d8f6dd4769357af27b
-
SHA256
32fb6f185c9db527b55839de23823eb34d9090025ece5c340426a7e19ede5f8e
-
SHA512
c2062e7ac7c0eeb152defdf5202c4019d4b2ae5fa00842c1bdd7780e687439ddaea4e613fc1bd380e9048f327efd227c5e28dbe5606987fcfd91c14ae9dbd7e6
-
SSDEEP
3072:r7yQabYMkTgeLT+w2EC4j0oYb8e+jmbH7EMOjxxHr6xxr6GVyaFXo9:nyQlTgALXqo1jmUZxL6xQGQgg
Malware Config
Signatures
-
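Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the sample has none. On its own this is a weak indicator, since many legitimate executables are also unsigned.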
resource 699e083a1d68cc38f14efb5dab7180d9
Files
-
699e083a1d68cc38f14efb5dab7180d9.exe windows:4 windows x86 arch:x86
4e0d796ac7d9da890e2672f15d4665b4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileW
lstrcatW
FindFirstFileW
lstrcpyW
RemoveDirectoryW
CreateProcessW
SetCurrentDirectoryW
CopyFileW
FindNextFileW
GetModuleFileNameW
lstrlenW
WaitForSingleObject
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetModuleHandleW
FindClose
LCMapStringW
MoveFileExW
GetThreadLocale
GetTempPathW
GetStartupInfoW
user32
DefWindowProcW
RegisterWindowMessageW
wsprintfW
MessageBoxW
advapi32
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
shell32
SHGetSpecialFolderPathW
ole32
CoInitialize
CoUninitialize
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
wcsrchr
wcscat
wcsncpy
wcslen
??3@YAXPAX@Z
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
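.tc Size: 201KB - Virtual size: 204KB (non-standard section name; flagged as code that is both writable and executable, and it holds most of the 210KB file. This may indicate packed or embedded content, so the short import list above may not reflect everything the sample does)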
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE