Static task
static1
Behavioral task
behavioral1
Sample
1a3016ddad0cee4abfd10e3ab128caf6.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1a3016ddad0cee4abfd10e3ab128caf6.exe
Resource
win10v2004-20231215-en
General
-
Target
1a3016ddad0cee4abfd10e3ab128caf6
-
Size
45KB
-
MD5
1a3016ddad0cee4abfd10e3ab128caf6
-
SHA1
df42059ab61afdbc2057ad7fc217192416c241d1
-
SHA256
b860cf0c6311e119d558bf27a1619715b513c538ea45aaadd436eba6c3d0386f
-
SHA512
e89b56c4c879bd18e902d11a1e3e0d7300f36100603a427be95fc0b723c822d72ee16d4492dfd50b585253dda0f554c0db108f0f250f230389f9e2026dd40b74
-
SSDEEP
768:IHlz8NNitcz+NSHrxKnewlWTZ9ddp6y1jB9rPlBIiCchCQEEGhQ0lwekfya:IFAutcCNS1mgnd2y1nrPlGiCcCBEulwB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1a3016ddad0cee4abfd10e3ab128caf6
Files
-
1a3016ddad0cee4abfd10e3ab128caf6.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.petite Size: 35KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 1024B - Virtual size: 741B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE