Static task
static1
Behavioral task
behavioral1
Sample
01777bfe820b679b4664442dd211d9e3a28e7382f6d78dec766ba6288e95dd5a.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
01777bfe820b679b4664442dd211d9e3a28e7382f6d78dec766ba6288e95dd5a.exe
Resource
win10v2004-20231222-en
General
Target: 01777bfe820b679b4664442dd211d9e3a28e7382f6d78dec766ba6288e95dd5a
Size: 68.9MB
MD5: a3e2d9eb4f1467f3f2538942ec60e991
SHA1: 4be57fe07f6bb78704bb4138841c619b45439f27
SHA256: 01777bfe820b679b4664442dd211d9e3a28e7382f6d78dec766ba6288e95dd5a
SHA512: 6531f83e099f118aff89c711ab3b64271e717f871a4611484dc3e9aec116ea704891203f8501c997c56a7ed7b1a79b852996d958b07ce2f52d07acfa4f078845
SSDEEP: 196608:myrRmqiyo1pJBOz0RWNaw2I7iaZrO4C3UDwN:mIRmH1p6zqAaomas
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 01777bfe820b679b4664442dd211d9e3a28e7382f6d78dec766ba6288e95dd5a
Files
01777bfe820b679b4664442dd211d9e3a28e7382f6d78dec766ba6288e95dd5a.exe windows:4 windows x86 arch:x86
cda27b33e8e996aee045d68d1aedb6cd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ExtractIconA
oleaut32
SetErrorInfo
VariantCopyInd
SysStringByteLen
SafeArrayAccessData
SysReAllocStringLen
SysStringLen
LoadRegTypeLi
VariantInit
VariantChangeType
SysAllocStringLen
SafeArrayCreate
SystemTimeToVariantTime
SysReAllocString
GetActiveObject
CreateDispTypeInfo
OleLoadPicturePath
QueryPathOfRegTypeLi
SysFreeString
VariantChangeTypeEx
LoadTypeLibEx
VarUdateFromDate
SafeArrayUnaccessData
SysAllocString
SafeArrayAllocDescriptor
OaBuildVersion
RegisterTypeLi
LoadTypeLi
CreateErrorInfo
VariantCopy
SysAllocStringByteLen
VariantClear
VariantTimeToSystemTime
ole32
CoTaskMemAlloc
ProgIDFromCLSID
OleUninitialize
CoFileTimeToDosDateTime
CreateBindCtx
CoRegisterMessageFilter
StringFromCLSID
CLSIDFromProgID
StringFromGUID2
CoCreateGuid
CoLoadLibrary
OleRun
OleCreate
CoRevokeClassObject
CoTaskMemRealloc
OleGetClipboard
CoRegisterSurrogate
CreateStreamOnHGlobal
CoTaskMemFree
CoFreeUnusedLibraries
CoInitialize
OleInitialize
CoResumeClassObjects
StgOpenStorage
MkParseDisplayName
StgOpenStorageOnILockBytes
CoGetMalloc
CoFreeLibrary
gdi32
RealizePalette
GetCurrentPositionEx
EnumFontFamiliesExW
GetTextColor
GetTextMetricsW
CreatePalette
GetTextFaceW
comctl32
ImageList_Destroy
ImageList_Create
ImageList_SetBkColor
kernel32
GetEnvironmentVariableA
AreFileApisANSI
comdlg32
GetOpenFileNameW
ChooseFontA
CommDlgExtendedError
GetSaveFileNameA
GetFileTitleA
PrintDlgA
PageSetupDlgW
GetOpenFileNameA
Sections
.text Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ