Static task
static1
Behavioral task
behavioral1
Sample
74cc75fcbf2c0e5895bb84d5ac65b4e1.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
74cc75fcbf2c0e5895bb84d5ac65b4e1.exe
Resource
win10v2004-20231215-en
General
-
Target
74cc75fcbf2c0e5895bb84d5ac65b4e1
-
Size
146KB
-
MD5
74cc75fcbf2c0e5895bb84d5ac65b4e1
-
SHA1
0231b48667c344e07537c15959fb94655b5269a5
-
SHA256
cb7718c70452425ad0d3d43aa45c7fc2bd6ba812c741997c8f945ef25d239259
-
SHA512
39f195ca2f6b4eca25dc58dccd6c04198d61e7e0779885eb1a8b48eebf13e535bb779a57ce78a7d67e5de1c1c14075648e7463e4f55e2cb5484e8881cbc770d4
-
SSDEEP
3072:kmeJCp58VZDY5aD26YBIm4FHNL08J7srVXQZxFPNl8IBCmPdN:kax8D26xPhJeVX09zBCmz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
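Static check: the PE file carries no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.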
resource 74cc75fcbf2c0e5895bb84d5ac65b4e1
Files
-
74cc75fcbf2c0e5895bb84d5ac65b4e1.exe windows:4 windows x86 arch:x86
f433e7fcc51e68080022754836705744
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree
user32
MessageBoxA
Sections
.text Size: - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
opi2du43 Size: - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FoxShell Size: - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bgybgr60 Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fkqo20.b Size: - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ppl8yupg Size: 144KB - Virtual size: 148KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE