Static task: static1
Behavioral task: behavioral1
Sample: 3a3a1fabc27c187cfc4a8a40190ff07e.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 3a3a1fabc27c187cfc4a8a40190ff07e.exe
Resource: win10v2004-20231222-en
General
Target: 3a3a1fabc27c187cfc4a8a40190ff07e
Size: 15KB
MD5: 3a3a1fabc27c187cfc4a8a40190ff07e
SHA1: 5bb2669181cf580961b3a43043c39728e10d66f7
SHA256: 222a0dafe356d316890257ee5df922c061fec6710455281af9617ece6b4d5251
SHA512: eed90a88f038be88c65a01b6ff296d4728c2f60310a54d898d29564e2e5cf29490ce332d9e3215f6e14a2c9c0656df157456ce8b2d219fa8dd92bbdbc55a9306
SSDEEP: 192:HuKjX8WGxs31ONzWTrIDzT97atF9w3KP+9BkgO2y80+AHfgJOXIBBIj/hC8:OKjSs31E8AxWtPmKPqk/eqfg0I3Ij/U
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a3a1fabc27c187cfc4a8a40190ff07e
Files
3a3a1fabc27c187cfc4a8a40190ff07e.exe windows:4 windows x86 arch:x86
93b646527826530633467387cbc54542
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsDBCSLeadByte
TlsAlloc
VirtualAlloc
TlsFree
TlsSetValue
GetFileAttributesA
GetThreadLocale
GetCommandLineA
GetModuleHandleW
GetCurrentThreadId
ResumeThread
GetModuleFileNameA
GetDriveTypeA
GetSystemDefaultLCID
DosPathToSessionPathW
GetOEMCP
DeleteFileA
TlsGetValue
lstrcatA
lstrcpyA
GetUserDefaultLCID
user32
GetActiveWindow
GetWindowDC
GetForegroundWindow
ReleaseDC
IsIconic
GetFocus
GetWindowTextA
GetWindowLongA
GetSystemMetrics
GetWindow
ValidateRect
ShowWindow
CloseWindow
IsWindowVisible
UpdateWindow
GetDC
GetWindowTextLengthA
RegisterClassA
GetClassInfoExA
imagehlp
FindFileInPath
FindDebugInfoFile
CheckSumMappedFile
BindImage
ImageLoad
ImageNtHeader
wintrust
FindCertsByIssuer
SoftpubDefCertInit
GenericChainFinalProv
CryptSIPGetInfo
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ