Static task
static1
Behavioral task
behavioral1
Sample
25a101e02a1c2caac18a22246827f819.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
25a101e02a1c2caac18a22246827f819.exe
Resource
win10v2004-20231222-en
General
Target
25a101e02a1c2caac18a22246827f819
Size
168KB
MD5
25a101e02a1c2caac18a22246827f819
SHA1
9cab794d05926b5d265612eb3a09d630baa6f801
SHA256
df9c5fceceb7bed229d677e48200f3ce73410629d16cd5ddb3918dcb5b5a2fd0
SHA512
9bf31bc7ee5fc0ec073a89999743a2a3bc9cbb9029f91b6bed6049bedb08c53a13e05265f4e6a969d830f4acbfa5e8415ce4387d87123e362fae5093d5e12603
SSDEEP
3072:8kYo2Q44qXO7BhqXgNL8whDx2Bjmg6qdxDb9ZwqcyOLt8oBlHRsZ:8AVdUSL8wLgmg6q7Db9ZsD8obHR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 25a101e02a1c2caac18a22246827f819
Files
25a101e02a1c2caac18a22246827f819.exe windows:4 windows x86 arch:x86
bbd0a23cdd89a0698b2fba93de1dc545
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringW
SetHandleCount
GetCurrentProcess
GetCommandLineA
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringA
GetOEMCP
MultiByteToWideChar
WriteFile
TerminateProcess
GetStdHandle
CreateFileA
GetFileType
SetFilePointer
lstrcatA
lstrcpynA
GetVersion
GetACP
GetStartupInfoA
lstrcpyA
GetModuleFileNameA
lstrcpynW
user32
DrawTextW
DrawIcon
CreateIcon
LoadMenuA
IsMenu
DialogBoxParamA
DialogBoxParamW
CloseWindow
GetWindowTextA
GetWindowTextLengthA
CopyIcon
GetDC
CopyRect
GetDlgItem
InsertMenuA
GetMenu
DrawTextA
IsWindow
LoadCursorA
GetFocus
CopyImage
DrawIconEx
EndDialog
comctl32
DrawStatusTextW
CreateMappedBitmap
ImageList_LoadImageW
ImageList_AddIcon
ImageList_Copy
CreateStatusWindow
CreateUpDownControl
DrawStatusText
CreateToolbar
ImageList_DragEnter
ImageList_EndDrag
ImageList_Draw
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 164KB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ