Static task
static1
Behavioral task
behavioral1
Sample
c67deb3de2c77e2d577fe9dc501ff2cd.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c67deb3de2c77e2d577fe9dc501ff2cd.exe
Resource
win10v2004-20240226-en
General
-
Target
c67deb3de2c77e2d577fe9dc501ff2cd
-
Size
396KB
-
MD5
c67deb3de2c77e2d577fe9dc501ff2cd
-
SHA1
487f0dadc9e12d9e0d613edd1011f7b156ce18ee
-
SHA256
3a7db6ff4d7fd3542db0020167334c78841a1f048ec20876ac59f3c9279c7610
-
SHA512
80ff813a6a28704cb358895d5da259fb037d713ea5c78b2cc737dc9cef8d68e8113b167f7b8e68816137d2a0e20ae89317367e545e81fe7e01f0fd79e7158a3a
-
SSDEEP
6144:kbvXrxRlsPGT8143tmUlVziQ5CSMiU6nyn67w+g:kTbMTiUuhg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c67deb3de2c77e2d577fe9dc501ff2cd
Files
-
c67deb3de2c77e2d577fe9dc501ff2cd.exe windows:4 windows x86 arch:x86
6dc3acbf38579f7f9494b214f2cce9dc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord517
ord519
ord662
ord593
ord594
ord595
ord598
ord520
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
DllFunctionCall
ord564
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord714
ord607
ord608
ord717
ProcCallEngine
ord535
ord537
ord647
ord572
ord573
ord681
ord100
ord612
ord613
ord614
ord616
ord617
ord619
ord546
ord581
Sections
.text Size: 388KB - Virtual size: 386KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ