Static task
static1
Behavioral task
behavioral1
Sample
58145fb9cbd6fb532f92c9462dfb0f54.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
58145fb9cbd6fb532f92c9462dfb0f54.exe
Resource
win10v2004-20231222-en
General
Target
58145fb9cbd6fb532f92c9462dfb0f54
Size
136KB
MD5
58145fb9cbd6fb532f92c9462dfb0f54
SHA1
0003913fcc5110a9df5e51922fd20f937a0f6a3e
SHA256
6b2c56da17c713f5d9b490dca050ad5b515af17eb6fcfce621028b520eed88d5
SHA512
fab6ac103a8dbe97f888cc2738ebc38e1116152079b10f79c88c2447ad5e1695c95206cae194784296a877bde4a422447beb48e8904646f0c84baa5023bd25ea
SSDEEP
3072:JpB64r8482bdRUaFESdtprbG1bWO6yqAK83N0hbU1o:fB64r89MUUESLpwZNm80VU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 58145fb9cbd6fb532f92c9462dfb0f54
Files
58145fb9cbd6fb532f92c9462dfb0f54.exe windows:4 windows x86 arch:x86
0cefd6bc459e56d19c4340a16d47b523
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitThread
GetModuleHandleA
FindAtomA
AddAtomA
VirtualFree
FreeResource
VirtualAlloc
GetProcAddress
FindResourceA
SizeofResource
LoadResource
LockResource
user32
TranslateMessage
wvsprintfA
WindowFromDC
ValidateRgn
VkKeyScanA
WinHelpA
advapi32
CryptGetHashParam
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegSaveKeyA
CryptDecrypt
RegUnLoadKeyA
CryptGetKeyParam
RegCloseKey
CryptSetProviderA
RegQueryMultipleValuesA
CryptSignHashA
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 876B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 115B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ