Static task
static1
Behavioral task
behavioral1
Sample
Hoax.Win32.Agent.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Hoax.Win32.Agent.exe
Resource
win10v2004-20240226-en
General
-
Target
Hoax.Win32.Agent.gen-fda946020e99a90dbd3a38fb37e04c6a88b8c67a34a2238a6768399797e01ba9
-
Size
289KB
-
MD5
824fbe4b768cecfa93bb888a7be6f09d
-
SHA1
7aab0adef8fbd49354be62c083c7be93c536e339
-
SHA256
fda946020e99a90dbd3a38fb37e04c6a88b8c67a34a2238a6768399797e01ba9
-
SHA512
833156d89451a24e46b7aaf58a65672d530f66709171236dfd1dc8daaf4552e6933d8e33023ce659e32530eb8094eb087cf0a02b9a6d61f9f3c4af782a7e95bd
-
SSDEEP
6144:8nOsaaH+zowJbn9cpQrOma+TLIXLBmtJhRyG2BJbZZuwkg0hefTc6KAfH5Gowhmv:8nOfaH0oQKpQLTLIXLBqAXbZZuwkfo6y
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Hoax.Win32.Agent.gen-fda946020e99a90dbd3a38fb37e04c6a88b8c67a34a2238a6768399797e01ba9
Files
-
Hoax.Win32.Agent.gen-fda946020e99a90dbd3a38fb37e04c6a88b8c67a34a2238a6768399797e01ba9.exe .vbs windows:4 windows x86 arch:x86 polyglot
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.code Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ