Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-20231222-en
General
-
Target
tmp.exe
-
Size
3KB
-
MD5
0b071b44ea8d139940f012cf57c4e5b8
-
SHA1
ec7a43eedb70f0828f137a88e6903e02b7b6796b
-
SHA256
8ddd7131cdb83f06b42834161a6c46f70150279fed051def1dc3d265091b4707
-
SHA512
6400d24b466ac6d19c88fe0ed62fda68978aa27fc05ceb6a42fb1c41aa116cd6eff0401dc51ed75bdffadfef67ad2e50e2c95d45ef0ebffc720cf8cf3257dca3
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource tmp.exe
Files
-
tmp.exe.exe windows:6 windows x64 arch:x64
e82dd51b077167be63c004bed23d0c1e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
Sleep
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 446B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ