Static task
static1
Behavioral task
behavioral1
Sample
57a2e5295719327eb7006d451751acf9.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
57a2e5295719327eb7006d451751acf9.exe
Resource
win10v2004-20231215-en
General
Target
57a2e5295719327eb7006d451751acf9
Size
6KB
MD5
57a2e5295719327eb7006d451751acf9
SHA1
c177fa35e30f3cd844a7b00156775498b63999b9
SHA256
e4389da41a464bd3c523a07c583a8854cd8a4e770fa15af65133d5ae9fc383c9
SHA512
8284bd1536ce108f56cb77774692b41fd7cac7a63611b33272a494aac0e602133b7e8b95e0427c27c7e3a04b5e28ff77971090d1c4210b51ff41361981266e12
SSDEEP
192:t3MMN76n/LjVHXH455ijyP1oyLTnHjRG:tf76/lXH455iI1VnHj
Malware Config
Signatures
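Unsigned PE (1 IoC)
The PE file carries no Authenticode signature. This signature fires on the absence of a code signature and is not, on its own, evidence of malicious behavior.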
resource 57a2e5295719327eb7006d451751acf9
Files
57a2e5295719327eb7006d451751acf9.exe windows:4 windows x86 arch:x86
dba7913bfaa23949da7b41699218c784
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
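Imports
Note: the kernel32 imports listed below include CreateProcessA, VirtualAllocEx, WriteProcessMemory, GetThreadContext, SetThreadContext and ResumeThread. This combination is commonly associated with process injection or process hollowing (MITRE ATT&CK T1055). It is a static indicator only, so check the behavioral tasks for cross-process memory writes and thread-context changes before treating it as observed behavior.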
user32
FindWindowA
GetWindowThreadProcessId
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
sprintf
malloc
free
memset
_except_handler3
memcpy
kernel32
CloseHandle
OpenMutexA
lstrlenA
GetTickCount
ExpandEnvironmentStringsA
lstrcpyA
GetModuleHandleA
GetProcAddress
LoadLibraryA
DeleteFileA
ExitProcess
Sleep
GetModuleFileNameA
GetStartupInfoA
CreateProcessA
VirtualAllocEx
WriteProcessMemory
GetThreadContext
SetThreadContext
OpenProcess
ResumeThread
TerminateProcess
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 316B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE