Static task: static1
Behavioral task: behavioral1
Sample: 9c41594cea222e34a08464bcaffcf873.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 9c41594cea222e34a08464bcaffcf873.exe
Resource: win10v2004-20231215-en
General
Target: 9c41594cea222e34a08464bcaffcf873
Size: 638KB
MD5: 9c41594cea222e34a08464bcaffcf873
SHA1: 94b715ecabddff4a3968fc987de792ec50000c1e
SHA256: a0f3f75cc5dfe7ec268ac90176cdca10155d908e52f93723265979837c67bf25
SHA512: 91cc27a4f9325b64a35a0533ed69c2d0e612382d5f8c005460dc32d87c4af3b8ac6b42c9ae27026853a17a35aa94a4755d52a62197a21167865d4f37bcda4065
SSDEEP: 12288:bc5GY0Y/I4u9asEhRdcpxFYctUzf138Gxv4vZiyC9V4xmP:FY054u9/EwxFYcq53FxyZDC4M
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9c41594cea222e34a08464bcaffcf873
Files
9c41594cea222e34a08464bcaffcf873.exe windows:4 windows x86 arch:x86
572cfad0906a6d668c1308310d852a37
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WaitForMultipleObjects
GetTickCount
CloseHandle
CompareFileTime
AddAtomA
GetVersion
GlobalUnlock
InterlockedExchange
HeapCreate
GetSystemDefaultLangID
SuspendThread
WaitForSingleObject
LoadLibraryExA
GetConsoleCP
GetStdHandle
GetModuleHandleA
lstrlenA
HeapReAlloc
VirtualProtect
GetProfileIntA
GetCommandLineA
user32
GetKeyboardLayout
DispatchMessageA
DialogBoxParamA
UpdateWindow
GetWindowTextA
MessageBoxA
GetKeyState
FindWindowA
PaintDesktop
ModifyMenuA
GetDlgItem
SetPropA
InsertMenuA
TranslateMessage
DestroyMenu
CopyRect
CreateCursor
ShowWindow
EqualRect
CreateCaret
EnableScrollBar
PostMessageA
SetWindowPos
SubtractRect
GetMenuStringA
atl
AtlGetVersion
AtlUnadvise
AtlSetErrorInfo
AtlModuleInit
AtlAdvise
dnsapi
DnsStatusString
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ