Static task
static1
Behavioral task
behavioral1
Sample
099f17c53c30de68954b210e440cb865.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
099f17c53c30de68954b210e440cb865.exe
Resource
win10v2004-20231215-en
General
-
Target
099f17c53c30de68954b210e440cb865
-
Size
101KB
-
MD5
099f17c53c30de68954b210e440cb865
-
SHA1
3196553110dcf98d67657d47ab96f4de6fbbe04f
-
SHA256
e118d612224f307c2ae802618a6b24b1fbf549307e12b6e51d1cf814de05b095
-
SHA512
741b6f6fdc42e635cc477fb7cc2044f8119406a0979126e83c3c0abdf929cf56e55d6bf6157c654bba9841e8bbd7d86f326480448b8965bb5f589b64900a511e
-
SSDEEP
3072:1ccDJv3hYynnvKqHbobRj3I2MqAFX0sZ0rd981/y:1x1RnvKqHEbh3xa5VZ0x9a/y
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 099f17c53c30de68954b210e440cb865
Files
-
099f17c53c30de68954b210e440cb865.exe windows:4 windows x86 arch:x86
b03ceb9c474e7db0109529f37e177e6c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
VirtualProtect
GetModuleHandleA
GetProcAddress
user32
wsprintfW
advapi32
RegCloseKey
Sections
.text Size: 98KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 637B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
flyer Size: 17B - Virtual size: 17B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE