Static task
static1
Behavioral task
behavioral1
Sample
ffd25253cbfb2f04e5a279ad0c01b4ec.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
ffd25253cbfb2f04e5a279ad0c01b4ec.exe
Resource
win10v2004-20231215-en
General
-
Target
ffd25253cbfb2f04e5a279ad0c01b4ec
-
Size
71KB
-
MD5
ffd25253cbfb2f04e5a279ad0c01b4ec
-
SHA1
884cb7f2b19145fcbc511e2d103f080a7bd7d871
-
SHA256
32fae3864093ef6b67f9f1dd762e76f4300c9f26b43c3a05834bd4f35bbb5692
-
SHA512
fdbb3db28b2f07442176c76f7b03e5e24afca245859497a3d38cd0e0e0dd6ac639545fc7f0baa6e953f4dc6f584f6d2ea9a795d95cf4b34566d044d32032caeb
-
SSDEEP
768:1erx2A8f3tIe5zC9tv/b8yHE53oSorRUvCsguxv3Vrpl859ubT3VpcxvSbMHnUT+:xAk3tmY5Kr2CshxHGK7HqUT60ek4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ffd25253cbfb2f04e5a279ad0c01b4ec
Files
-
ffd25253cbfb2f04e5a279ad0c01b4ec.exe windows:4 windows x86 arch:x86
43d06c7356c9e8f160f2724f5afa58a5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord621
ord516
ord626
ord595
ord598
ord631
ord632
DllFunctionCall
ord601
__vbaExceptHandler
ord713
ord608
ord716
ord717
ProcCallEngine
ord537
ord644
ord570
ord681
ord685
ord100
ord616
ord581
Sections
.TEXT Size: 16.1MB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.DATA Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.RSRC Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ