Static task: static1
Behavioral task: behavioral1
  Sample: a0e754a608b6122d4dbe5368f5def0d0.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: a0e754a608b6122d4dbe5368f5def0d0.exe
  Resource: win10v2004-20231222-en
General
  Target: a0e754a608b6122d4dbe5368f5def0d0
  Size: 3.9MB
  MD5: a0e754a608b6122d4dbe5368f5def0d0
  SHA1: c79be504bfbc9c0c7a91f29422145208891eee03
  SHA256: c2637563376d80cc3bebc179efe186ed8af7368be2ad517e6ff50a3c601db59c
  SHA512: c90e556abd759e49c932772d074afd2d772715c3e8f48fbbf85bccbb15ed0f7aef605ccaa4eb5bb73c8b544f94025c4da853c67001e0e9634215c61129936885
  SSDEEP: 98304:wMvp1jHdcQ/XiHC9NwPTyBT7eKWLgORacP2W1WRpmo:lvfuwXiHsNsoT7nWsOEfW1WRn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource a0e754a608b6122d4dbe5368f5def0d0
Files
a0e754a608b6122d4dbe5368f5def0d0.exe windows:4 windows x86 arch:x86
f1a1f8b0f8eccd7bb13fb6b7f07e4441
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    GetLastError
    SetErrorMode
    GetWindowsDirectoryA
    SetCurrentDirectoryA
    VirtualProtect
    ExitProcess
  user32
    SetForegroundWindow
    GetClassInfoA
Sections
  .text - Size: 7KB - Virtual size: 7KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .n2sects - Size: 8KB - Virtual size: 10.2MB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .rdata - Size: 3.9MB - Virtual size: 3.9MB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .edata - Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .rsec - Size: 2KB - Virtual size: 8KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc - Size: 1KB - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ