Static task: static1
Behavioral task: behavioral1
  Sample: 05617623c58d83898ce8e68e1e66995e.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 05617623c58d83898ce8e68e1e66995e.exe
  Resource: win10v2004-20231222-en
General
Target: 05617623c58d83898ce8e68e1e66995e
Size: 396KB
MD5: 05617623c58d83898ce8e68e1e66995e
SHA1: 0c7473a40b229841290d48727002cbaf20516855
SHA256: f680b4d192f30e81dcaad2095b93b28c040f38d205535b27316fc75b1d7772a2
SHA512: bb847cc107b1be37e8086ae8dbe2dad23063aca5eb0d3bf34662d978d957e8e70fee24c70f6b12b239c87a62561ca17b6051db82c90950434d24676ac5b1b9b7
SSDEEP: 6144:U8ZRzP2yOV+/ILEfL1FWbxX+5XfGOePAwGpFlKHO5hhJIrWF1o/ozhE0Nzcde:dZwRYAI1AbxX+Q3PAwAF6AhsSyQzod
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 05617623c58d83898ce8e68e1e66995e
Files
05617623c58d83898ce8e68e1e66995e.exe windows:4 windows x86 arch:x86
c7a743f9c72b26240868f7324d7612a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
gdi32
Arc
CreateFontIndirectW
GetSystemPaletteUse
GetCharABCWidthsA
SetPixel
CreateBrushIndirect
gdiPlaySpoolStream
PathToRegion
StretchBlt
SetBkMode
StartPage
GetDCOrgEx
GetBkColor
CreateDIBPatternBrush
GetTextExtentPoint32W
CreatePolygonRgn
IntersectClipRect
StartDocW
GetTextFaceW
SetMetaFileBitsEx
GdiFlush
comdlg32
FindTextA
GetSaveFileNameA
ChooseColorA
user32
ScrollWindowEx
SystemParametersInfoA
GetClassInfoExW
GetParent
LoadCursorW
UnregisterDeviceNotification
GetCapture
IsWindowEnabled
GetClassLongA
RegisterClassA
EnumWindows
SetWindowLongW
RegisterClassExA
GetMessagePos
kernel32
GetConsoleOutputCP
CompareStringA
GetACP
HeapCreate
HeapReAlloc
SetStdHandle
GetCurrentThreadId
HeapSize
CloseHandle
Sleep
GetCurrentThread
GetSystemTimeAsFileTime
WideCharToMultiByte
WriteProfileSectionW
ExitProcess
LocalCompact
MoveFileExA
VirtualFree
GetConsoleTitleA
CommConfigDialogW
GetConsoleCP
SetLastError
GetProcessHeaps
SetEnvironmentVariableA
EnumSystemLocalesA
GetModuleFileNameW
GetModuleHandleA
DeleteCriticalSection
GetOEMCP
GetEnvironmentStringsW
GetSystemInfo
CreateFileA
IsDebuggerPresent
WriteFile
GetModuleFileNameA
SetHandleCount
EnumDateFormatsW
IsValidCodePage
FreeLibrary
GetTickCount
GetTimeFormatA
WriteConsoleA
VirtualAlloc
GetCommandLineW
HeapFree
GetCurrentProcess
GetCurrentProcessId
WriteFileEx
GetStdHandle
GetStringTypeA
IsValidLocale
FlushFileBuffers
GetUserDefaultLCID
GetFullPathNameA
LocalFree
UnhandledExceptionFilter
SetFileTime
LoadLibraryA
GetStartupInfoW
GetFileAttributesExW
GetCPInfo
GetCommandLineA
HeapAlloc
InterlockedIncrement
GetStringTypeW
SetConsoleCursorInfo
WriteConsoleW
OpenMutexA
TerminateProcess
FreeEnvironmentStringsW
GetProcAddress
CompareStringW
CreateMutexA
GetTimeZoneInformation
EnterCriticalSection
SetUnhandledExceptionFilter
GetConsoleMode
GetDateFormatA
GetModuleHandleW
LCMapStringW
WriteConsoleOutputAttribute
LeaveCriticalSection
TlsSetValue
HeapDestroy
LCMapStringA
InterlockedExchange
OpenProcess
SetVolumeLabelW
ReadConsoleInputA
SetFilePointer
ReadFile
TlsFree
SetConsoleCtrlHandler
GetNamedPipeHandleStateA
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
GetLocaleInfoA
QueryPerformanceCounter
CreateDirectoryExA
GetFileType
MultiByteToWideChar
VirtualQuery
RtlUnwind
GetLocaleInfoW
GetStartupInfoA
LocalReAlloc
TlsGetValue
RemoveDirectoryA
GetLastError
TlsAlloc
Sections
.text Size: 167KB - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 207KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ