Static task
static1
Behavioral task
behavioral1
Sample
4c17e7a2288b771612ee2081e15be5a18fdf2788d4aa0e6bd99e8f03809285f6.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
4c17e7a2288b771612ee2081e15be5a18fdf2788d4aa0e6bd99e8f03809285f6.exe
Resource
win10v2004-20231222-en
General
-
Target
4c17e7a2288b771612ee2081e15be5a18fdf2788d4aa0e6bd99e8f03809285f6
-
Size
323KB
-
MD5
c77d6f55be3fd32e85369c7d5675faee
-
SHA1
e7e9a9e42816583232e27007c6b872451a93e08b
-
SHA256
4c17e7a2288b771612ee2081e15be5a18fdf2788d4aa0e6bd99e8f03809285f6
-
SHA512
ee65974c60f6ca30240594dbea9da8c2117cb64357ecdeec3c53b9dd86e8b33263b73b97fd241a78f5a5fa61edbaf0fac3d3e17e216c7e6f84fac141dea515bd
-
SSDEEP
6144:lCu3x6WPOlzwPwnEXCWGJMDi10G0h2ETTeQDw8mBSnAMEYjnq:YS/MEpDil0dTT5w8mcAMER
Malware Config
Signatures
-
Unsigned PE 1 IoCs
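Static check: the PE file carries no Authenticode signature. On its own this is a weak indicator, since many benign executables are also unsigned.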
resource 4c17e7a2288b771612ee2081e15be5a18fdf2788d4aa0e6bd99e8f03809285f6
Files
-
4c17e7a2288b771612ee2081e15be5a18fdf2788d4aa0e6bd99e8f03809285f6.exe windows:5 windows x86 arch:x86
aca35d13adb97d2c480a39887a5f629a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
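Imports
Note: only one function is listed per DLL, and GetModuleHandleA/GetProcAddress are among them. Together with the .MPRESS section names in this report, this is consistent with a packer stub's import table, so the APIs the unpacked code resolves at run time are probably not all shown here.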
kernel32
GetModuleHandleA
GetProcAddress
wsock32
gethostbyname
winmm
mixerOpen
version
VerQueryValueA
comctl32
ord6
psapi
GetModuleBaseNameA
wininet
InternetOpenA
user32
GetDC
gdi32
BitBlt
comdlg32
GetSaveFileNameA
advapi32
RegCloseKey
shell32
DragFinish
ole32
CoGetObject
oleaut32
SafeArrayGetLBound
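Sections
Note: .MPRESS1 and .MPRESS2 are the section names written by the MPRESS executable packer, and both are flagged readable, writable and executable. The raw size of .MPRESS1 is well below its virtual size, as expected for compressed content. The static view therefore describes the packed file; what the unpacked code does has to be read from the behavioral tasks.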
.MPRESS1 Size: 299KB - Virtual size: 740KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE