Static task
static1
Behavioral task
behavioral1
Sample
154a98d0700287f264715ae42719c685.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
154a98d0700287f264715ae42719c685.exe
Resource
win10v2004-20231215-en
General
Target
154a98d0700287f264715ae42719c685
Size
357KB
MD5
154a98d0700287f264715ae42719c685
SHA1
c49f3101153fa9b1ce2edccc755586039cb1ce0a
SHA256
1e294b8d1717a7254aa47f2ccbf5e73f3b27ee9e836ffe9ae2a6975045ef9759
SHA512
e04aad5a308dd5668b5e81dbf08be245f2b32366a1110fff5be550a58c1697a6324999d70f4e1edb29d9cb8ac024739a4c9539cc26008a25660ee0f4d8d40f27
SSDEEP
6144:BmREQ1ls9atNARXbWaDsMCkb4bB+J+w6pU+BmzE2SyzjX+2/Gq3tzUtXURRV/S5g:BmqateRWSsMuhMi72v+gtzUwxS5/aWu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 154a98d0700287f264715ae42719c685
Files
154a98d0700287f264715ae42719c685.exe windows:4 windows x86 arch:x86
9915217f093a3d3373214df48dacf0e1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
GetKeyboardType
advapi32
RegQueryValueExA
oleaut32
SysFreeString
version
VerQueryValueA
gdi32
UnrealizeObject
ole32
IsEqualGUID
comctl32
ImageList_SetIconSize
wininet
InternetSetOptionA
urlmon
CoInternetCreateZoneManager
winmm
waveOutSetVolume
Sections
CODE Size: 325KB - Virtual size: 1012KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE