Static task: static1
Behavioral task: behavioral1
Sample: ae16130af106856588001be62feb872a.exe
Resource: win7-20231215-en
General
Target: ae16130af106856588001be62feb872a
Size: 1.2MB
MD5: ae16130af106856588001be62feb872a
SHA1: 8f52731e2913457773a9724529d08d5f54a11582
SHA256: 7e04a5f055b6ea1d3402465c4bc96f89b660b82c494b860832f5b7540608bb70
SHA512: 992199deee4d5a091fb78104cfc2b2f0b52a7ddc0ffb1c589322a065c4a72a6d574b5204cd9a2fc31af81e3584149f4e9ed5631e8f0d7bd2ef427f4b15aada86
SSDEEP: 3072:NgGyv3OFws+k3L5mU6jY9A+6bTpiIHLjLmNo5fq5pWj7MLfJU7Z9LXUoPxwAnjak:NgFveku562Ar/QOPyO5hLo//53tgM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ae16130af106856588001be62feb872a
Files
ae16130af106856588001be62feb872a.exe windows:4 windows x86 arch:x86
c979fe0c05658311ec9697759161e91d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
lstrlenA
lstrcatA
winmm
mciGetYieldProc
oleacc
CreateStdAccessibleProxyW
shell32
SHChangeNotification_Unlock
Sections
.code Size: 171KB - Virtual size: 172KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdatam Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ftre Size: 1024KB - Virtual size: 1024KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE