Static task: static1
Behavioral task: behavioral1
Sample: 1eea51a28e238d961d1ad28e5ac2727e.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 1eea51a28e238d961d1ad28e5ac2727e.exe
Resource: win10v2004-20231215-en
General
Target: 1eea51a28e238d961d1ad28e5ac2727e
Size: 359KB
MD5: 1eea51a28e238d961d1ad28e5ac2727e
SHA1: 94ed0062464a867ff36e6226d6fc80a7264d6a9f
SHA256: 6d77215f08e4684548e2b4ce10c9bf9732a12146e684216afbb2548f5fff1faf
SHA512: 2470f5cc3ad7fa3e1e695dda4245d50e44edb11c40fef00121a69638b8c56df864d80826e089ef6c36bc2ab1e0837f6dbc20d2f467bf88be4dd89619d1265c85
SSDEEP: 6144:5DH5euLD3TkcpEw7S7Ztvyl7iFIX/Q/VMGrJRNq6K/s8euWqraserCZT:5DHomDjrGltvylwIXU5JRNqSuW7LC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1eea51a28e238d961d1ad28e5ac2727e
Files
1eea51a28e238d961d1ad28e5ac2727e.exe windows:4 windows x86 arch:x86
54092356b6b4737e0a3a4b32e4e0487f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
GetKeyboardType
advapi32
RegQueryValueExA
oleaut32
SysFreeString
version
VerQueryValueA
gdi32
UnrealizeObject
comctl32
ImageList_SetIconSize
comdlg32
GetOpenFileNameA
Sections
CODE Size: 349KB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE