Static task: static1
Behavioral task: behavioral1
Sample: 50470deb608a273cbfe2075c01041166.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 50470deb608a273cbfe2075c01041166.exe
Resource: win10v2004-20231215-en
General
Target: 50470deb608a273cbfe2075c01041166
Size: 472KB
MD5: 50470deb608a273cbfe2075c01041166
SHA1: 1f0701cd5fcfcdd9d785a7af4699853c793bcda5
SHA256: ad04437d8d09f7f593a471e0950d3eab8b1abf72eeb2b6de6674d4f14b722786
SHA512: bf13420bd46cf08ebdd2359ad84f2147337d90f76c945297bcf626453e089d46fb388f062c0f2ee818fc069c1ff0c5bad85dfa3c017eb788ac5b260926af3ae2
SSDEEP: 12288:5Yg/vPniFzsHh0dlElb6UqWd5pGB5nOzFFai7nAAHfSLXyR:73Pn8zO03xs7RHf3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 50470deb608a273cbfe2075c01041166
Files
50470deb608a273cbfe2075c01041166.exe windows:4 windows x86 arch:x86
e2fc166ff6504a25702e446b4946d8a4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
ZwDeleteValueKey
user32
GetMessageExtraInfo
GetShellWindow
Sections
.text Size: 466KB - Virtual size: 468KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 307B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE