Static task: static1
Behavioral task: behavioral1
Sample: 678d458687e4cc1002e58e1931a4b76e.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 678d458687e4cc1002e58e1931a4b76e.exe
Resource: win10v2004-20231222-en
General
Target: 678d458687e4cc1002e58e1931a4b76e
Size: 53KB
MD5: 678d458687e4cc1002e58e1931a4b76e
SHA1: 61a8f936780b6a14b682bbeeba57b9c8e4ccefae
SHA256: 941dcf651a2c95908071d96a19c4c00d71db82845f7a6dba48916b78e0e999c0
SHA512: eef6b1e48886c178c2392add7de0931b8b58009dcff764e97110503b97967a696d60b237875981528ae9a04cf046fa8e43fbdca8367143172e612f15e72554a4
SSDEEP: 1536:rLmkROEnRcNqbtSZ5OBf6uS+KSXImt+fOIszHfQifClt5we9:rLjRLRcNqhMJuS+TImtZzHYifClrf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 678d458687e4cc1002e58e1931a4b76e
Files
678d458687e4cc1002e58e1931a4b76e.exe windows:4 windows x86 arch:x86
d6ef982648a1996efed0ab816dfdb6a8
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  CallNamedPipeA
  GetProcAddress
  GetCommandLineA
  GetConsoleMode
  GetModuleHandleA
  InvalidateConsoleDIBits
  VirtualProtect
  VirtualQuery
  VirtualAlloc
  WriteProcessMemory
  VirtualFree
iphlpapi
  GetAdaptersInfo
ws2_32
  select
advapi32
  RegSetValueExA
ole32
  CoCreateInstance
oleaut32
  SysStringLen
Sections
.code Size: - Virtual size: 148KB
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.code Size: 49KB - Virtual size: 52KB
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE