Static task
static1
Behavioral task
behavioral1
Sample
4998109b9e4ef9c29f843585483ddf31.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4998109b9e4ef9c29f843585483ddf31.exe
Resource
win10v2004-20231215-en
General
-
Target
4998109b9e4ef9c29f843585483ddf31
-
Size
26KB
-
MD5
4998109b9e4ef9c29f843585483ddf31
-
SHA1
deab2c2a31733592166f467384f39f58de7b5d20
-
SHA256
507b0ef3892cb163cd9e71de46453270a0708f1cbd9010100c0d806b1a48ae17
-
SHA512
f32fb41f7f8760c3a09fb921ef47bd1a94c6ed5546bc22950dbfb73ff53b296766e4668ab9b36fc70f97b20c4ac08ca4d50fc258642f326059246ceed943c3b5
-
SSDEEP
384:cX8yCIb6PbMXVDMWJLv43szry87TrhD/a8kSZNK6n3hJd8HjM5dook0RJN3Nhmk:ryXbLgWJ43N87tkSZc63hJiHInv9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4998109b9e4ef9c29f843585483ddf31
Files
-
4998109b9e4ef9c29f843585483ddf31.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 20KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE