Static task: static1
Behavioral task: behavioral1
Sample: 970bd1303083c2125e603ff879766bae.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 970bd1303083c2125e603ff879766bae.exe
Resource: win10v2004-20231222-en
General
Target: 970bd1303083c2125e603ff879766bae
Size: 134KB
MD5: 970bd1303083c2125e603ff879766bae
SHA1: 8437f750b93afff2a235aa6d66d18dc8224cdab1
SHA256: de6e8848869cf4731c99b139d26b92781dc46656aa2c520e40cced05efd0875c
SHA512: de40ecd7dff43f47c12ea6bec8449f774fce2c4f846eda208a58b797519503ce51eef1bc0c6869234f9a2ee906f27859aea1d93760035f1af4e68155396e990e
SSDEEP: 3072:krv8Dzoy38DdTkCLBQLd/QYgtPet++6zmgn:ov8/PcdoCLiLNQYBDgn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 970bd1303083c2125e603ff879766bae
Files
970bd1303083c2125e603ff879766bae.exe windows:4 windows x86 arch:x86
38620f657972d890b6aa01ec933d668f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetPaletteEntries
IntersectClipRect
RectVisible
StretchBlt
BeginPath
SelectClipPath
Chord
MoveToEx
CreatePen
ScaleViewportExtEx
GetDCOrgEx
SetBrushOrgEx
GetStockObject
StartPage
GetTextMetricsA
LineTo
LPtoDP
SelectObject
SetWindowExtEx
ExcludeClipRect
DeleteObject
Rectangle
MaskBlt
GetClipBox
CreateCompatibleBitmap
GetDIBColorTable
PlayEnhMetaFile
SetBkColor
SetDIBColorTable
SetColorSpace
GetEnhMetaFilePaletteEntries
DeleteDC
GetPixel
SetViewportOrgEx
CreatePatternBrush
CreateBitmap
SetMapMode
SetStretchBltMode
UnrealizeObject
CreateRectRgn
RestoreDC
SetTextColor
PtVisible
EndPath
DPtoLP
BitBlt
GetCharWidth32A
EndDoc
SetROP2
EndPage
OffsetViewportOrgEx
kernel32
GetACP
GetThreadLocale
GetCurrentProcessId
lstrcmpA
GetModuleHandleA
GetTickCount
GetLastError
CopyFileA
lstrcmpiA
GetModuleHandleW
GetUserDefaultLangID
lstrlenW
IsDebuggerPresent
SetLastError
MulDiv
lstrlenA
GetConsoleOutputCP
DeleteFileA
RemoveDirectoryA
GetOEMCP
GlobalFindAtomA
GlobalFindAtomW
lstrcmpiW
DeleteFileW
SetCurrentDirectoryA
GetCurrentProcess
GetProcessHeap
GetCommandLineA
GetVersion
GetCurrentThread
GetCommandLineW
GetCurrentThreadId
VirtualAlloc
user32
CharNextA
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ