Static task: static1
Behavioral task: behavioral1
Sample: 70fd6802627d319aa8c735a2ddf76e4f.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 70fd6802627d319aa8c735a2ddf76e4f.exe
Resource: win10v2004-20231215-en
General
Target: 70fd6802627d319aa8c735a2ddf76e4f
Size: 152KB
MD5: 70fd6802627d319aa8c735a2ddf76e4f
SHA1: 58f977d9879aadc64ffc9485852140922df5dcbc
SHA256: fff85a6ec67c92863803c9323cd453845a182b6595672cac13368726be558ced
SHA512: b757525d5ee99e5d1a79b6d3c09c3b2a978c59406555400e61b57c61894de438a88c537fea07fa8d873157f4355015e07bc382221c92cf8e7d66e8b22c5d588b
SSDEEP: 3072:2H1sRlpc6j1GQutQ5bb+utqNt2rRS3Y/gJzJfOJx6X:2HKznRSK5byM8AwYufVX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 70fd6802627d319aa8c735a2ddf76e4f
Files
70fd6802627d319aa8c735a2ddf76e4f.exe windows:5 windows x86 arch:x86
f433e7fcc51e68080022754836705744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
.text Size: 61KB - Virtual size: 184KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
limrfvy5 Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ktj3prgx Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
3jtmapwp Size: - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
54e6ve8z Size: 82KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vx6duvt. Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ