Static task
static1
Behavioral task
behavioral1
Sample
6454f0463fc69e3dc9e3de963e753e5e.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
6454f0463fc69e3dc9e3de963e753e5e.exe
Resource
win10v2004-20231215-en
General
-
Target
6454f0463fc69e3dc9e3de963e753e5e
-
Size
51KB
-
MD5
6454f0463fc69e3dc9e3de963e753e5e
-
SHA1
9cfe5b171406ea663808b2547611cd7a1a78787e
-
SHA256
aecc1bcc652db249a6e0f01fe9ff3e90bca0135df7790398e6142e4d07d591cd
-
SHA512
5abec8f65ba838bb31d598e18c73701ad1eeac9976ad1a88fc180bd6392925ad691d2255de74de0339bb30b642b7c8a2b334c3f8c4a8cd83a22bf8e8021b565b
-
SSDEEP
1536:zsYRscinnXwoPA35s4LDR5/j+OeMSIhtT:wUiXo3uINZKOam
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6454f0463fc69e3dc9e3de963e753e5e
Files
-
6454f0463fc69e3dc9e3de963e753e5e.exe windows:4 windows x86 arch:x86
bd51a645a9c68bd03b2e51586e5cbdcb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
Sections
.text Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_TEXT2 Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE