Static task: static1
Behavioral task: behavioral1
  Sample: 1651dcd8e3f21181748da839ce008783.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 1651dcd8e3f21181748da839ce008783.exe
  Resource: win10v2004-20231215-en
General
  Target: 1651dcd8e3f21181748da839ce008783
  Size: 195KB
  MD5: 1651dcd8e3f21181748da839ce008783
  SHA1: 11a3aeb78cb8f6d0ecdbd7e13e436de540679157
  SHA256: 41d0b9f330557911022b3368ff13b5f01d4014c7674b05c48785e3d83e414767
  SHA512: 6ec03a76a2bdb03b148cfbeed8965a315e0579431f5b99bf70181cd8cc454adbe1b765e42dc48458b8007300ffcef728a851cee87d3339157f1a17ce9556a843
  SSDEEP: 3072:tpQiK7KtzdN0gSzDVoBwCkUMy/+Sj8xHVhOBwdXO+K0JLq1YvBRJZqHHJS:9K7uJ+nDVjFU9W88xHzOyJTZqSlZqA
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource 1651dcd8e3f21181748da839ce008783
Files
1651dcd8e3f21181748da839ce008783.exe windows:5 windows x86 arch:x86
7a80edc3c679854f84495fd7e2c777d5
Headers
  DLL Characteristics
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  mscoree
    CorBindToRuntimeEx
  kernel32
    ExitProcess
    GetProcessHeap
    OutputDebugStringA
    GetModuleHandleA
    GetModuleFileNameA
    CreateFileA
    SetFilePointer
    ReadFile
    CloseHandle
    GetProcAddress
    RaiseException
    HeapFree
    HeapAlloc
    GetCommandLineA
  user32
    MessageBoxA
  oleaut32
    SafeArrayUnlock
    SafeArrayLock
    SafeArrayRedim
    VariantInit
    VariantClear
    SafeArrayCreate
    SafeArrayGetLBound
    SafeArrayGetUBound
Sections
  .text (Size: 16KB, Virtual size: 16KB)
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_CNT_UNINITIALIZED_DATA
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc (Size: 12KB, Virtual size: 12KB)
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_CNT_UNINITIALIZED_DATA
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE