Static task: static1
Behavioral task: behavioral1
Sample: 2a366fb3fc51f05b7644a1290222fd5a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2a366fb3fc51f05b7644a1290222fd5a.exe
Resource: win10v2004-20231215-en
General
Target: 2a366fb3fc51f05b7644a1290222fd5a
Size: 272KB
MD5: 2a366fb3fc51f05b7644a1290222fd5a
SHA1: 2cdd7bcbea874bfa06fd49d71d49116141818c04
SHA256: 76723778dde722cd95e3b963a32ebaa422817850baf38e147a25313476aef964
SHA512: 6efa54cfebf429e57e14aa304d684d12663f877eb8429e264e34e61ceba01e43d5de34ccbd813f12e5ebd1910365957d26fd7e6c32e8e465ed9e9eb6457969b5
SSDEEP: 6144:4hYH+dTNHQZjZTPSLsTjLvhbwjzKE5xpl8JCLNBVLY:P+NVQZFTPSIreTDr8JqN/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2a366fb3fc51f05b7644a1290222fd5a
Files
2a366fb3fc51f05b7644a1290222fd5a.exe windows:4 windows x86 arch:x86
ce60645ba750a25d2663f893eb5e9d87
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
CreateStatusWindowA
CreateStatusWindowW
ImageList_DragMove
DrawInsert
ImageList_DrawEx
InitCommonControlsEx
ImageList_EndDrag
kernel32
VirtualQuery
MultiByteToWideChar
GetProfileIntW
HeapFree
FoldStringW
GetDriveTypeW
GetEnvironmentStringsW
GetModuleHandleA
GetProcAddress
SetHandleCount
InterlockedDecrement
QueryPerformanceCounter
HeapDestroy
CreateMutexA
VirtualFree
SetCurrentDirectoryA
WriteConsoleA
FlushFileBuffers
LockFileEx
lstrcpyn
GetCurrentProcess
EnumTimeFormatsA
SetLastError
LocalAlloc
GetCurrentThreadId
ReadConsoleA
HeapAlloc
WritePrivateProfileStructA
FreeLibrary
TlsAlloc
SetComputerNameW
LoadLibraryExA
GetSystemTime
OpenMutexA
GetCommandLineW
GlobalFindAtomW
FreeEnvironmentStringsW
FileTimeToLocalFileTime
LocalSize
GetEnvironmentStrings
GetCurrentProcessId
RemoveDirectoryA
GetStdHandle
CloseHandle
GetLocalTime
VirtualAlloc
OpenEventA
WideCharToMultiByte
InitializeCriticalSection
FreeLibraryAndExitThread
HeapReAlloc
CompareStringA
InterlockedExchange
SetEnvironmentVariableA
GetStartupInfoW
LCMapStringW
GetLastError
GetThreadContext
GetAtomNameA
GetVersionExW
LocalLock
GetCommandLineA
GetTickCount
TerminateProcess
LeaveCriticalSection
SetCriticalSectionSpinCount
GetStartupInfoA
SetThreadContext
IsBadWritePtr
HeapCreate
OutputDebugStringW
SetFilePointer
InterlockedCompareExchange
SetEndOfFile
GetSystemTimeAsFileTime
GlobalFlags
TlsFree
InterlockedIncrement
SetEvent
CreateToolhelp32Snapshot
CreateRemoteThread
ReadFile
GetVersion
UnhandledExceptionFilter
GetStringTypeA
SetStdHandle
CompareStringW
TlsSetValue
VirtualAllocEx
GetCurrentThread
CreateWaitableTimerW
LoadLibraryExW
GetNumberFormatW
OpenMutexW
GetTimeZoneInformation
GetTimeFormatA
GetStringTypeW
GetConsoleScreenBufferInfo
GetAtomNameW
CreateDirectoryA
SetLocaleInfoW
EnumCalendarInfoExA
EnterCriticalSection
lstrlenA
CreateProcessA
LCMapStringA
FindFirstFileW
GetFileAttributesExA
GetModuleFileNameW
GetProcAddress
GetFileType
GetVolumeInformationW
DeleteCriticalSection
LoadLibraryA
RtlUnwind
ExitProcess
TlsGetValue
GetFileAttributesW
GetConsoleOutputCP
GetCPInfo
FreeEnvironmentStringsA
WriteFile
GetModuleFileNameA
comdlg32
PrintDlgW
ReplaceTextW
GetOpenFileNameA
user32
GetWindowTextW
IsMenu
RegisterClassExA
SetSystemCursor
ShowWindow
GetClassNameA
DrawFocusRect
DestroyCursor
SetPropW
DefWindowProcA
OpenWindowStationA
UnhookWinEvent
ScrollWindow
SendMessageTimeoutA
TrackMouseEvent
DdeNameService
GetThreadDesktop
DefDlgProcA
DrawTextW
GetTitleBarInfo
EnumThreadWindows
DdeInitializeA
RegisterClipboardFormatA
DdeSetQualityOfService
ToUnicode
DrawIconEx
CreateWindowExA
RedrawWindow
ReleaseCapture
FlashWindowEx
RegisterClassA
GetNextDlgGroupItem
DestroyWindow
SetMenuItemInfoA
CountClipboardFormats
GetCursor
GetUpdateRgn
GetCursorPos
PeekMessageW
MessageBoxW
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ