Static task
static1
Behavioral task
behavioral1
Sample
a08f4d5e8ed738dda79f7e0ff8fe1495.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a08f4d5e8ed738dda79f7e0ff8fe1495.exe
Resource
win10v2004-20240221-en
General
Target
a08f4d5e8ed738dda79f7e0ff8fe1495
Size
164KB
MD5
a08f4d5e8ed738dda79f7e0ff8fe1495
SHA1
a5806f5e04359c93da653130ce40cb82cedf87d8
SHA256
96726f23b077bd205c7294fd9b76d2c5ee86d44f34962d2fa3406c1adc9b68bb
SHA512
a3cb6fc70a2831d6ab3ef562d93bacf731a908cc638cf6a68989cc84ba6ddd30255a5c9d6a4ffe8ebdd3b9db39f02a9a783d00b20a7699fec0e03f9c9a75ef69
SSDEEP
3072:M4Fnw2wAQii8MRN2dXHYOqmcTaOKPWVaxJ3ZqF1dtyo1VFfz1XaGR:nNdi8MRg2mIaOUWVaxdZE6oZRXaGR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a08f4d5e8ed738dda79f7e0ff8fe1495
Files
a08f4d5e8ed738dda79f7e0ff8fe1495.exe windows:4 windows x86 arch:x86
4341965020429eb889ca31b4b12c893f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
CreateFileA
GetCurrentProcess
LoadLibraryA
CloseHandle
LCMapStringA
user32
wsprintfA
CloseWindow
SetWindowLongA
CharLowerBuffA
CreateWindowExA
advapi32
RegEnumKeyA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegEnumValueA
RegDeleteValueA
RegSetValueA
Sections
.text Size: 145KB - Virtual size: 148KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ