Static task: static1
Behavioral task: behavioral1
Sample: 4899bbafd704b849fc73cce025b5d48a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 4899bbafd704b849fc73cce025b5d48a.exe
Resource: win10v2004-20231215-en
General
Target: 4899bbafd704b849fc73cce025b5d48a
Size: 118KB
MD5: 4899bbafd704b849fc73cce025b5d48a
SHA1: 63f4a7407e41b16f0728d9f95497a9dcc00b9eb5
SHA256: dd0fdef726424b2efe152ed0f5fff6663542012630bf97c68ade625e7722b12d
SHA512: 80886b264df633d60f3efdf09ae21bcd73ac66ea5f04dc1d404e5f827f8152adab74e414b0f96fe456beb2d1e2a68779c9b96ed9e91cad1d20aa2452eb05cd89
SSDEEP: 3072:eZPOmaEnl8xxufnbGu0S9KSRUdF9PA8uo4V:en7nm0KuPwRdvf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4899bbafd704b849fc73cce025b5d48a
Files
4899bbafd704b849fc73cce025b5d48a.exe windows:5 windows x86 arch:x86
88be2079b9213c9640cc6f205d8edd0c
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetWindowsDirectoryA
  CopyFileA
  QueryPerformanceCounter
  lstrcmpA
  GlobalFindAtomA
  RemoveDirectoryA
  lstrcmpiW
  lstrlenA
  DeleteFileA
  GetCommandLineA
  lstrlenW
  RemoveDirectoryW
  FindClose
  GetModuleHandleA
  lstrcmpiA
  GetSystemTime
  VirtualAlloc
  VirtualFree
user32
  GetSystemMetrics
  GetDC
  CharNextA
  GetDesktopWindow
  TranslateMessage
  GetParent
gdi32
  GetDeviceCaps
  RestoreDC
  RectVisible
  SelectObject
  SetTextAlign
  CreateSolidBrush
  GetClipBox
  SetMapMode
  CreatePalette
  GetStockObject
  SelectPalette
  SetStretchBltMode
  LineTo
  GetPixel
  CreateCompatibleDC
  GetTextMetricsA
  SaveDC
  DeleteObject
glu32
  gluNurbsCallback
Sections
.text Size: 31KB - Virtual size: 31KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 56KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ