Static task
static1
Behavioral task
behavioral1
Sample
966c821375bb297fb161b30e36659a0d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
966c821375bb297fb161b30e36659a0d.exe
Resource
win10v2004-20231215-en
General
Target
966c821375bb297fb161b30e36659a0d
Size
52KB
MD5
966c821375bb297fb161b30e36659a0d
SHA1
636cb17cc2130b508a477b5a96937a608e87041d
SHA256
2993103a6997333af6b6430111922e49ec908fea6967013b0c70a58765da6c31
SHA512
16434416c7d3c0a386deb8a7049e4914693da03d0b9933a61c4bb1d44fb0e63ae0dc735ecc977b9ea9fc4b0dcb6b536bbfde6e935ecee8ef162c5c8ada5d3931
SSDEEP
1536:bJACXCBSERHdNozUdxC+hZewI+ycHQrp/VX5eckJ:1AHPHNoId33eEZ8/aJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 966c821375bb297fb161b30e36659a0d
Files
966c821375bb297fb161b30e36659a0d.exe windows:4 windows x86 arch:x86
3b6e3b0f276cd8981b021d6bbced6749
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
MessageBoxA
kernel32
ExitProcess
GetSystemTimeAsFileTime
CloseHandle
GetStartupInfoA
GetModuleHandleA
advapi32
RegQueryValueA
RegCloseKey
RegOpenKeyExA
Sections
.text Size: 43KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.itext Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 32KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ