Static task
static1
Behavioral task
behavioral1
Sample
281d96f355b624d11bf7c994fba9586e.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
281d96f355b624d11bf7c994fba9586e.exe
Resource
win10v2004-20231215-en
General
Target
281d96f355b624d11bf7c994fba9586e
Size
47KB
MD5
281d96f355b624d11bf7c994fba9586e
SHA1
6bd096362983ac4f802b73cf14c7be9ddb031313
SHA256
064cc0894dd3fa5ebf403945fa5ff530cdee3629b4af9a1440120f07e29036b3
SHA512
86fefff14b6480faa8c4e59622aa1844779330efa9982b5ef3628565d8b09088883f6ff6479ea15c7adcf93b819d34de32e36b0a00996571254abe50e0394b6a
SSDEEP
768:tRRyht/5DsbrSDlFm5a9HsAus0Uq98wltxI0iERJ/B5RlxXDwL2BdWD:/s9sbmmYRs/XUq650iERJDRLTK2Bd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 281d96f355b624d11bf7c994fba9586e
Files
281d96f355b624d11bf7c994fba9586e.exe windows:5 windows x86 arch:x86
2b6480e86320f75e4f5b2f0a37d7dcdc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpiW
CreateFileW
WideCharToMultiByte
GetLocalTime
GetThreadPriority
GetVersionExW
lstrcpyW
FindResourceW
CreateDirectoryW
GetFileTime
LeaveCriticalSection
GetModuleFileNameW
FindNextFileW
DeleteFileW
GetTickCount
HeapReAlloc
GetLastError
OpenMutexW
InitializeCriticalSection
Sleep
GetComputerNameW
GetCurrentProcessId
SystemTimeToFileTime
GetProcessTimes
GetLogicalDrives
ReadFile
WaitForSingleObject
WriteProcessMemory
ResetEvent
MapViewOfFile
GetFileSize
GetFileSizeEx
GetTempFileNameW
GlobalUnlock
lstrlenW
SetFilePointer
lstrcpyA
GetCurrentThreadId
lstrcatA
IsBadReadPtr
user32
EndDialog
Sections
.ijot Size: 38KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vibyf Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.axgr Size: 6KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ