Static task
static1
Behavioral task
behavioral1
Sample
d876126de60041cec6525f5b69f00704.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d876126de60041cec6525f5b69f00704.exe
Resource
win10v2004-20231215-en
General
-
Target
d876126de60041cec6525f5b69f00704
-
Size
73KB
-
MD5
d876126de60041cec6525f5b69f00704
-
SHA1
8a61c071120f44a23998c49e6486e4f6b3705282
-
SHA256
a681f424ed9120954d74c7d6fb5046bd7dcf87059348de221c89bd272d83e8de
-
SHA512
dc4eb8551f78482e684c567bb00b1a4c1f9644a7da96b80fe001aab61d6fc9a9be5ffa340da2bff189a01c5151551038dd4f0e8ea7437156f2ea759e537e1b0d
-
SSDEEP
1536:sOOo72KjsWxoL/dCtsJWhzWo+RWvewJOxuBUOu80xyqo/ruiSshj:sOOo72isWM/gsJq+RWveunBUl80xouil
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource d876126de60041cec6525f5b69f00704
Files
-
d876126de60041cec6525f5b69f00704.exe windows:4 windows x86 arch:x86
481b64b1fc292959930fca610d4472a5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord631
ord526
DllFunctionCall
__vbaExceptHandler
ord711
ord607
ord717
ProcCallEngine
ord537
ord644
ord573
ord685
ord578
ord100
ord616
ord618
ord581
Sections
.text Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 960B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE