Static task
static1
Behavioral task
behavioral1
Sample
75af4b7c23574a150a42e11d4aa5d458.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
75af4b7c23574a150a42e11d4aa5d458.exe
Resource
win10v2004-20231215-en
General
Target: 75af4b7c23574a150a42e11d4aa5d458
Size: 244KB
MD5: 75af4b7c23574a150a42e11d4aa5d458
SHA1: 7331b3b0dad1f29a905901c506f14262e862d021
SHA256: 02917cf8bba8222deb4a9f715e570eca34f9a4f6c67425f02e5596182de7ea2d
SHA512: 9ac3c4e8f2401ef9ae23f6b97a94f5b23e1992b90fe16d1fa502a5200e56899eb1127b13add1284459c6dd75476ca3c38c9d82aafc52c32a621617cdceb21ef3
SSDEEP: 6144:Hrw8IlQKC9j1jA0XDQvG45ZVZhb1LoY7:Hk8IlQt9i0UvG45Bh1x7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 75af4b7c23574a150a42e11d4aa5d458
Files
75af4b7c23574a150a42e11d4aa5d458.exe windows:4 windows x86 arch:x86
f885d91f21ea5dbbe2a24860c1984cbc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeW
GetFileType
WideCharToMultiByte
GetDateFormatA
RtlUnwind
LeaveCriticalSection
GetCurrentThread
GetCurrentProcess
IsBadWritePtr
VirtualAlloc
TlsGetValue
VirtualFree
HeapReAlloc
HeapCreate
CompareStringW
GetVersionExA
GetStartupInfoA
InterlockedExchange
GetModuleFileNameA
GetStringTypeA
LCMapStringW
ExitProcess
GetTimeFormatA
LCMapStringA
SetHandleCount
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
IsValidCodePage
GetOEMCP
TlsFree
QueryPerformanceCounter
CompareStringA
TlsSetValue
GetACP
VirtualQuery
GetCurrentThreadId
GetLocaleInfoW
HeapAlloc
HeapSize
HeapFree
EnumSystemLocalesA
TerminateProcess
GetCurrentProcessId
GetCommandLineA
MultiByteToWideChar
IsValidLocale
CreateEventA
TlsAlloc
GetLocaleInfoA
GetTimeZoneInformation
SetEnvironmentVariableA
GetStdHandle
UnhandledExceptionFilter
WriteFile
EnterCriticalSection
GetEnvironmentStrings
GetModuleHandleA
DeleteCriticalSection
GetSystemInfo
GetCPInfo
SetConsoleCtrlHandler
InitializeCriticalSection
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetLastError
SetLastError
GetProcAddress
GetUserDefaultLCID
HeapDestroy
GetEnvironmentStringsW
VirtualProtect
gdi32
GetAspectRatioFilterEx
StartDocW
EndPath
PolyDraw
ColorMatchToTarget
SetICMMode
SetBkMode
StretchDIBits
ResetDCW
CombineRgn
SetViewportOrgEx
GetSystemPaletteEntries
CreatePalette
GetBoundsRect
SetMagicColors
CopyEnhMetaFileA
AbortPath
OffsetRgn
RemoveFontResourceA
shell32
SHGetMalloc
RealShellExecuteExW
SHGetPathFromIDListW
SHChangeNotify
ExtractIconA
ExtractAssociatedIconExA
ExtractIconW
DragQueryPoint
DuplicateIcon
SHGetFileInfoA
InternalExtractIconListW
ExtractIconExW
SHGetPathFromIDList
Sections
.text Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 109KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ