Static task: static1
Behavioral task: behavioral1
  Sample: 491bd2a4c36575fa24487279a2601798.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 491bd2a4c36575fa24487279a2601798.exe
  Resource: win10v2004-20231222-en
General
  Target: 491bd2a4c36575fa24487279a2601798
  Size: 185KB
  MD5: 491bd2a4c36575fa24487279a2601798
  SHA1: 8210dd933dd3588a73f1c1cc98fa389df9a2edbf
  SHA256: e9cde19a8eb4cb70db4bd1fd88fd2507b1a253ce84450755e6afd751fafb6f37
  SHA512: f0c60122ac238ede986a5e275e57e09fe3856e0975d083b81cee5962e954f36a494d4d7729b874ef2cbb56b08b88a21b34d3085b057991cb81bc6694d58c127f
  SSDEEP: 3072:NSbF8QS3nx8GkirOEbC4GToc/afE+bSSLO0lavEqveewZBZ0hUnVLDQeOyZu:EbyQS3nx85iX9Dc7eSSy0McetUn1DQ/H
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 491bd2a4c36575fa24487279a2601798
Files
491bd2a4c36575fa24487279a2601798.exe windows:4 windows x86 arch:x86
148bf55ceb3e5471ef5f9ffc2bb75e2f
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_BYTES_REVERSED_LO
  IMAGE_FILE_32BIT_MACHINE
  IMAGE_FILE_DEBUG_STRIPPED
  IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
  GetProcAddress
  LoadLibraryA
  VirtualAlloc
  VirtualFree
  VirtualProtect
Sections
.XComp0 Size: 165KB - Virtual size: 416KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 876KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.XComp Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE