Static task
static1
Behavioral task
behavioral1
Sample
1366ff7b27da107aac0d930f784daca5.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1366ff7b27da107aac0d930f784daca5.exe
Resource
win10v2004-20231215-en
General
Target: 1366ff7b27da107aac0d930f784daca5
Size: 186KB
MD5: 1366ff7b27da107aac0d930f784daca5
SHA1: db1179f1805b98fe25743629b2ae4b41dbee240e
SHA256: 2427155f74ff7500715f9c4acfbd1d3b78c88c5e49dd6cb88558736bc2bc214d
SHA512: 7b3f467bebd7f7727af03a57a131c9eff37b54163c6e6fdd6301387207eee6f35e82c5e827148e474bcf71ee160a34510a914ae52a8c56daddd93a6c078fbb3a
SSDEEP: 3072:7cKnWSESCiDHrVi3aXRhF5rcy2YItWa01uERwBRkge9ef/cxWc2dC0egfbf2wAC6:7cKWSEc7X2tWa01uERARlqu/Gf2dCG6r
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1366ff7b27da107aac0d930f784daca5
Files
1366ff7b27da107aac0d930f784daca5.exe windows:4 windows x86 arch:x86
4250405381d3002617e463c94568d2ec
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TermsrvAppInstallMode
LCMapStringA
ReplaceFileA
ReadFileEx
user32
DdeEnableCallback
shell32
StrRStrIA
SHGetDiskFreeSpaceA
SHCreateDirectoryExW
gdi32
DrawEscape
GdiTransparentBlt
RemoveFontResourceExW
Sections
CODE Size: 9KB - Virtual size: 795KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 171KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pack32 Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ