Static task: static1
Behavioral task: behavioral1
  Sample: 103fadc185324832b987ab650159e948.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 103fadc185324832b987ab650159e948.exe
  Resource: win10v2004-20231222-en
General
Target: 103fadc185324832b987ab650159e948
Size: 119KB
MD5: 103fadc185324832b987ab650159e948
SHA1: 87fb41fe950d644ece1bdab30ef7d2829ea241ec
SHA256: 3a069d80ef660326dcb14671be90283cabff3ecd2203e0d2aad5493c4a495600
SHA512: 8e98ee40fefea7c67444e2b247316f0062f4ab010a5292a950e898ddca228abbdf69d59f1cef07fa8517bcc0595bec04784ef1a0cfe1827f99432d5068fc0dbc
SSDEEP: 1536:W7SoAxhgk0PMUcK5AeTuRhx7V4tiS5vL3bqROUvG3PfMm1kFizk2+/hRTiW41fyq:aSocK5AlhxVS5zbKO2FRXZpVmfyUX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 103fadc185324832b987ab650159e948
Files
103fadc185324832b987ab650159e948.exe windows:5 windows x86 arch:x86
b74e98a8f724a20daf66707c8872f8cf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
ReadFile
GetSystemTime
GetFullPathNameA
GlobalAlloc
GetFileSizeEx
CreateFileA
GetModuleFileNameA
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
GetProcAddress
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
user32
CreateCursor
RegisterClassExA
LoadStringA
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.XAB Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 81KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ