Static task: static1
Behavioral task: behavioral1
Sample: 64b8dde127d40a5204539fe60b7b45bd.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 64b8dde127d40a5204539fe60b7b45bd.exe
Resource: win10v2004-20231222-en
General
Target: 64b8dde127d40a5204539fe60b7b45bd
Size: 13KB
MD5: 64b8dde127d40a5204539fe60b7b45bd
SHA1: 790346f7e198b3acea4c18ce3fd2cfe8cb5b932a
SHA256: d48506adff4943e9dfa79cb55154b7bce0d422f05d3530416aec961b02ac8901
SHA512: 73c90163b2919e3a8f5050f5025bdf11a271d8fbcde4c23260d01f56c8ce7f76703821a20d49b094d5282b4663b6cf2e739b141b83abeebbc2e8b09a851e5e7d
SSDEEP: 384:AdRMg8yQv7ag/yjCUuiDI11+aS505o4s9FJSLx:A/Mg8yQR6C3L+6od3Jy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64b8dde127d40a5204539fe60b7b45bd
Files
64b8dde127d40a5204539fe60b7b45bd.exe windows:4 windows x86 arch:x86
ab0b86e21b185dc136eb3e7e6199be73
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
QueryServiceObjectSecurity
kernel32
GetPrivateProfileSectionW
user32
SendDlgItemMessageA
CreateCursor
GetPropW
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE