Static task: static1
Behavioral task: behavioral1
Sample: 50d4c88bf645352a4438a05a18bcc03f.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 50d4c88bf645352a4438a05a18bcc03f.exe
Resource: win10v2004-20231215-en
General
Target: 50d4c88bf645352a4438a05a18bcc03f
Size: 49KB
MD5: 50d4c88bf645352a4438a05a18bcc03f
SHA1: 427c8b86d3024213bf11f06abd8e23e34b686e3a
SHA256: 096b33cf00f86eef328c792bf3a816ea285fd4433231cb964c5f81e16b0fc1b6
SHA512: 26fa937269546e5b774c30aef5678c5159c3e5d65a972b98ae7e06c900003638e929775cbf180ea82ff4e63a6ff89e7b5f190a20626b847c06f968080637baf3
SSDEEP: 768:6zpEw0LiM71sX80UfGH6y5QM0bVX75vWzrBKsyKMnOevPH5agRlquEF5HwwJT8ki:YzMSLEG5QJJ5oBKsyKMXRRQHPJT8
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 50d4c88bf645352a4438a05a18bcc03f
Files
50d4c88bf645352a4438a05a18bcc03f.exe windows:5 windows x86 arch:x86
96f289ca30fb5aac20dfb8d6f1e1d581
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetWindowThreadProcessId
GetDlgItemTextA
GetKeyState
GetDlgItem
GetForegroundWindow
CloseWindowStation
OpenDesktopA
GetKeyboardState
EndDialog
FindWindowExW
GetMessageA
GetClipboardData
GetCursorPos
CharLowerBuffA
GetWindowLongW
CloseDesktop
SendMessageW
OpenWindowStationA
GetWindowTextW
MsgWaitForMultipleObjects
SetProcessWindowStation
GetMessageW
LoadCursorW
DispatchMessageW
PeekMessageW
DrawIcon
ExitWindowsEx
ToUnicode
GetClassNameW
GetIconInfo
PeekMessageA
GetDlgItemTextW
SetThreadDesktop
kernel32
SetThreadPriority
GetModuleFileNameA
OpenProcess
SetFilePointer
WaitForSingleObject
GetTempFileNameW
GetTimeZoneInformation
HeapFree
GetCurrentThreadId
SetFileAttributesW
LeaveCriticalSection
WideCharToMultiByte
lstrlenA
lstrcatW
FindFirstFileW
ReleaseMutex
DeleteFileW
FindNextFileW
Sleep
HeapReAlloc
SystemTimeToFileTime
ResetEvent
GetUserDefaultUILanguage
GetSystemTimeAsFileTime
GlobalLock
EnterCriticalSection
CloseHandle
lstrcmpiW
lstrcpyA
GetModuleHandleA
SetEndOfFile
MapViewOfFile
GetThreadPriority
UnmapViewOfFile
IsBadReadPtr
WriteProcessMemory
lstrcmpiA
OpenMutexW
GetLogicalDrives
GetProcessTimes
SetEvent
CreateEventW
lstrlenW
GetFileTime
lstrcatA
GetSystemTime
SetLastError
lstrcpynW
GetComputerNameW
GetLastError
GetExitCodeProcess
ExpandEnvironmentStringsW
CopyFileW
WriteFile
GetTempPathW
GlobalUnlock
SetFileTime
Sections
.xsr Size: 38KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.kpepcx Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.buh Size: 7KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ