Static task: static1
Behavioral task: behavioral1
Sample: 899da555de99ca11cbf1141a3244003f.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 899da555de99ca11cbf1141a3244003f.exe
Resource: win10v2004-20231222-en
General
Target: 899da555de99ca11cbf1141a3244003f
Size: 56KB
MD5: 899da555de99ca11cbf1141a3244003f
SHA1: 428e3c6c950ef2b4bcddf89bdcba35ae5a658362
SHA256: 99b6b9bf13b96379507e633afb6eaf1d1b6e6a66a580ae936d2b6a415767d5ad
SHA512: 10ba74df3ace35d4dfc561ec73b31635afc584e78383ccfcca0d8e50ebf73e4dc39e7d8a64b8be947edc4f88cfa0a3f632e5b17d3106c4521c2af7938d188443
SSDEEP: 1536:DxuqUZ06yWs40oTkVuufip3nGphnfuV7kmgeYleF1:DC0gs4/8uoip3khmJk2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 899da555de99ca11cbf1141a3244003f
Files
899da555de99ca11cbf1141a3244003f.exe windows:4 windows x86 arch:x86
115d9b04c0b3e20cdfb74715ce1363fb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReplaceFile
InterlockedIncrement
GetTickCount
GetDefaultCommConfigW
EnumResourceNamesA
CreateMailslotW
WaitCommEvent
DeleteAtom
SetLocaleInfoA
DnsHostnameToComputerNameW
GetBinaryTypeW
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE