Static task
static1
Behavioral task
behavioral1
Sample
47efb17a2007530b56139ab22f3ca5c1.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
47efb17a2007530b56139ab22f3ca5c1.exe
Resource
win10v2004-20231215-en
General
Target
47efb17a2007530b56139ab22f3ca5c1
Size
526KB
MD5
47efb17a2007530b56139ab22f3ca5c1
SHA1
1759fabe7550eb4091c7c7ea5a86d71a4d893dd1
SHA256
454ca2e5d10f95420234911193fa193a5e2a8967f7953605e255106012d944b7
SHA512
f2a7ebe9d2c2a39142e2511d5bcd60b97a480f3b668a625476d7b6c502b8c8fff24d7f320303d184b792ea55182e109d6c59aa45688cd95bc13aa2e41983f329
SSDEEP
6144:/A6jnWn6Ua24hEfVmN9hkCmJge8Ex0hDU1zZOP+KbwPvAJ2t7g+WcyyaZQf+tZJa:/AeWn6UhyWNPgepnAwt8+tyhY+t7R
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 47efb17a2007530b56139ab22f3ca5c1
Files
47efb17a2007530b56139ab22f3ca5c1.exe windows:4 windows x86 arch:x86
cfd647beef67f94e25535cbc4a637a29
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
kernel32
ReadFile
OpenMutexA
GetTempFileNameW
DeleteAtom
HeapCreate
GetStdHandle
CompareStringA
GetFileType
VirtualQuery
GetSystemInfo
HeapDestroy
LCMapStringW
GetTimeFormatA
GetStringTypeW
FreeEnvironmentStringsW
SetLastError
GetLastError
CloseHandle
VirtualAlloc
TlsFree
GetLocaleInfoA
GetCurrentProcess
GetCommandLineA
IsValidLocale
GetLocaleInfoW
MultiByteToWideChar
HeapSize
GetDateFormatA
GetCPInfo
UnhandledExceptionFilter
GetModuleHandleA
LeaveCriticalSection
SetFileAttributesW
GetStartupInfoA
TerminateProcess
GetCurrentThreadId
WaitNamedPipeA
GetACP
EnumSystemLocalesA
GetComputerNameW
HeapFree
IsBadWritePtr
TlsGetValue
FlushFileBuffers
FreeEnvironmentStringsA
FindResourceW
GetTickCount
CreateMutexA
FindNextFileA
GetModuleFileNameA
DeleteCriticalSection
GetVersionExA
GetFileAttributesExW
TlsAlloc
EnterCriticalSection
SetStdHandle
InitializeCriticalSection
CreateSemaphoreW
IsValidCodePage
WideCharToMultiByte
ExitProcess
GetNamedPipeHandleStateA
GetEnvironmentStringsW
TlsSetValue
InterlockedExchange
GetOEMCP
VirtualFree
WriteFile
GetProcAddress
RtlUnwind
HeapReAlloc
SetEnvironmentVariableA
LoadLibraryA
GetCurrentProcessId
SetFilePointer
LCMapStringA
GetTimeZoneInformation
VirtualProtect
GetProcessAffinityMask
GetCurrentThread
GetEnvironmentStrings
CompareStringW
GetStringTypeA
SetHandleCount
GetSystemTimeAsFileTime
GetUserDefaultLCID
QueryPerformanceCounter
HeapAlloc
user32
CloseClipboard
RegisterClassExA
GetMenuItemInfoW
RegisterClassA
shell32
ExtractIconEx
RealShellExecuteW
FindExecutableW
ShellExecuteEx
Sections
.text Size: 379KB - Virtual size: 378KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ