Static task: static1
Behavioral task: behavioral1
Sample: 02b9c1587a43a9c502fa8efe49447371.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 02b9c1587a43a9c502fa8efe49447371.exe
Resource: win10v2004-20231215-en
General
Target: 02b9c1587a43a9c502fa8efe49447371.exe
Size: 49KB
MD5: 02b9c1587a43a9c502fa8efe49447371
SHA1: 77899452a0747ad250d0f4d7c3ffc34208811b44
SHA256: 36210ba033304b9549cfbc4a81a0691f599b4ef334ffcdbc466e1afb90b127b3
SHA512: 43dbae1c096b3d726d86409aabe0e8121df0325fd4c76fb34840709d46e899a15fddfcf50bd870400e8cf878bf200a742dc88920e8afe3c273a2e20caf2c924f
SSDEEP: 1536:ku0KyFdPCflXIdwaakmzGxP4N8KcBdgdazGMzGM:MK+0wwRMjKDMqM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02b9c1587a43a9c502fa8efe49447371.exe
Files
02b9c1587a43a9c502fa8efe49447371.exe.exe windows:5 windows x86 arch:x86
103c0cb9b02aedda10363215f7517da9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetMessageA
GetWindowLongW
DrawIcon
ToUnicode
GetKeyState
FindWindowExW
GetWindowTextW
SendMessageW
SetThreadDesktop
DispatchMessageW
GetDlgItemTextA
MsgWaitForMultipleObjects
PeekMessageA
GetIconInfo
ExitWindowsEx
LoadCursorW
GetWindowThreadProcessId
OpenDesktopA
GetCursorPos
GetKeyboardState
OpenWindowStationA
CloseDesktop
GetClipboardData
PeekMessageW
GetDlgItem
GetForegroundWindow
CloseWindowStation
GetDlgItemTextW
GetClassNameW
SetProcessWindowStation
EndDialog
GetMessageW
CharLowerBuffA
kernel32
lstrcpyA
GetFileSize
ReadFile
GetUserDefaultUILanguage
OpenProcess
GetComputerNameW
GetModuleFileNameW
GlobalLock
GetTempFileNameW
GetLocalTime
HeapAlloc
GetDriveTypeW
lstrcpynW
SetFilePointer
GetTimeZoneInformation
GetFileTime
GetModuleHandleA
SetLastError
lstrlenW
GetCurrentProcessId
GetProcessHeap
CopyFileW
GetLogicalDrives
FlushFileBuffers
FindResourceW
lstrcatA
SystemTimeToFileTime
Sleep
SetEvent
FindNextFileW
CreateFileW
GetFileSizeEx
CreateFileMappingW
GlobalUnlock
CreateThread
ResetEvent
MultiByteToWideChar
WriteProcessMemory
ExpandEnvironmentStringsW
OpenMutexW
CreateMutexW
SetFileAttributesW
LeaveCriticalSection
InitializeCriticalSection
IsBadReadPtr
CloseHandle
ReleaseMutex
FindClose
WideCharToMultiByte
lstrcatW
DeleteFileW
UnmapViewOfFile
CreateEventW
WriteFile
MapViewOfFile
GetExitCodeProcess
GetSystemTimeAsFileTime
GetProcessTimes
Sections
.gpih Size: 39KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ylyn Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qtih Size: 7KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ