Static task: static1
Behavioral task: behavioral1
Sample: cceb900fffe01e54aa0f03a2750158a8.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: cceb900fffe01e54aa0f03a2750158a8.exe
Resource: win10v2004-20240226-en
General
Target: cceb900fffe01e54aa0f03a2750158a8
Size: 854KB
MD5: cceb900fffe01e54aa0f03a2750158a8
SHA1: bfc8fb018c50ba7536459cb1a6e3faeca6284edd
SHA256: 43fb0d1664985701239415574a5da0cd6246fa4fd2fb1811add7f8fadc383f5f
SHA512: 5bf91fbaf56d0adb2bea5c8080b83311fc55ec28af22ec9e76fe887c4878f33f7bcd702616d202fc18ab02a6342a5478552926ab8c1b69e1950dab3201972fb0
SSDEEP: 24576:5HuLobxurA8EVXj4eRnny459duUjiH1R:5OkorEVL1n57njiVR
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: cceb900fffe01e54aa0f03a2750158a8
Files
cceb900fffe01e54aa0f03a2750158a8.exe windows:5 windows x86 arch:x86
c3a7290a07cf865e8a2dd0c732ddefbd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetWindowsHookExA
SetWindowTextW
SetTimer
DialogBoxParamA
FindWindowA
WindowFromPoint
SetRect
GetDlgCtrlID
CharNextW
SetParent
GetScrollInfo
GetWindowLongW
GetCursorPos
CallNextHookEx
IsChild
GetSystemMenu
DrawIcon
IntersectRect
DestroyMenu
GetMenu
SetForegroundWindow
SetClipboardData
GetMessagePos
GetWindow
PostMessageA
OpenClipboard
GetClientRect
GetWindowRect
GetScrollPos
GetSysColorBrush
SetScrollInfo
GetMenuItemCount
kernel32
FileTimeToLocalFileTime
EnterCriticalSection
CreateFileMappingW
QueryPerformanceCounter
GetFullPathNameA
VirtualAlloc
SearchPathW
lstrcmpiA
GetSystemDirectoryW
GetSystemInfo
HeapReAlloc
IsDebuggerPresent
lstrcmpW
LoadLibraryExW
FlushFileBuffers
SetCurrentDirectoryA
ExitProcess
OpenProcess
ReleaseMutex
MapViewOfFile
GetDiskFreeSpaceA
RaiseException
LoadLibraryA
DeleteCriticalSection
lstrcpyA
OpenEventW
CreateFileA
GetShortPathNameW
GetProcessHeap
ResumeThread
InterlockedExchange
GetVolumeInformationW
SetEvent
LeaveCriticalSection
GetTempPathW
GetEnvironmentStrings
GetLocaleInfoW
msvcrt
_purecall
memset
_callnewh
wcsncmp
__getmainargs
qsort
time
memcpy
atoi
exit
__p__commode
strchr
_wtoi
__set_app_type
wcsstr
fclose
isdigit
Sections
.text Size: 159KB - Virtual size: 159KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 609KB - Virtual size: 609KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 82KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ