Static task: static1
Behavioral task: behavioral1
Sample: 1e2a1cac2ef99c26948f4f09b5a16bbd.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1e2a1cac2ef99c26948f4f09b5a16bbd.exe
Resource: win10v2004-20231215-en
General
Target: 1e2a1cac2ef99c26948f4f09b5a16bbd
Size: 76KB
MD5: 1e2a1cac2ef99c26948f4f09b5a16bbd
SHA1: 74d659c851b6f05326834161a0d3aab243817ace
SHA256: ba6f7e299dd27fbbf7f46d56c8e9760b1a47c0fd02a1b558d0dcc6776009034a
SHA512: 465ff41093bb1984648b58dbc279571a87e4d237004912d62bafffd6d5122a2e0b0fda0c2fe7f422ff27432119984098b82ffbd1aecfa16ba4d9574f92bd71a3
SSDEEP: 1536:12Z5XE+DK3uri5k5yXr259F19VHKxIPWShlWHLybqu50KAlL:g3XE9n5k99F199PWShSyJ50fL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1e2a1cac2ef99c26948f4f09b5a16bbd
Files
1e2a1cac2ef99c26948f4f09b5a16bbd.exe windows:4 windows x86 arch:x86
618a59daf6425a095c67e831c56518df
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeConsole
GetFirmwareEnvironmentVariableW
GlobalFree
RtlCaptureStackBackTrace
EnumDateFormatsA
GlobalUnfix
GetCurrentProcessId
OpenJobObjectA
GetNumberFormatW
UnmapViewOfFile
DebugActiveProcess
DosDateTimeToFileTime
GlobalUnfix
user32
AlignRects
GetCaretPos
GetMenuCheckMarkDimensions
DeleteMenu
DrawCaptionTempW
PrivateSetDbgTag
GetDoubleClickTime
SetWindowsHookExW
SwitchDesktop
EndTask
OpenWindowStationA
SetMenuItemInfoW
GetCursorFrameInfo
Sections
.text Size: 73KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ