Static task
static1
Sample
2c54d3a377e4a2316c4687a1e5e24600c9717cbe9c690685cd6bae93f709071a.exe
Resource
win10v2004-20240226-en
General
Target
2c54d3a377e4a2316c4687a1e5e24600c9717cbe9c690685cd6bae93f709071a
Size
289KB
MD5
5007773c7b6e9aa0c151e0a7e4d2b9a7
SHA1
282edeaee724846759dca7baa78459bee05f7090
SHA256
2c54d3a377e4a2316c4687a1e5e24600c9717cbe9c690685cd6bae93f709071a
SHA512
9e358a09a88958fa2fbc23279561d51925ff4028c3d4d81e29d3fa2cfcfb6c192b8f5a2102e8f1e1276dea982f33c591cee6d5c22636ae8cdbb76bf561fbc72e
SSDEEP
3072:daKEiUCCXRaNEJjQlO1eaCgcGuzRWde10Q2s7s9+mrkGaQsLgopAfTVZKBTl3:daXiUCChCEel/aqllIM0n+m1s8
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2c54d3a377e4a2316c4687a1e5e24600c9717cbe9c690685cd6bae93f709071a
Files
2c54d3a377e4a2316c4687a1e5e24600c9717cbe9c690685cd6bae93f709071a.exe windows:5 windows x86 arch:x86
0b77a580c068827ebcf9bc8f99e2fe29
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
SetComputerNameW
GetModuleHandleW
GetTickCount
FindNextVolumeMountPointA
GlobalAlloc
GlobalFindAtomA
LoadLibraryW
GetLocaleInfoW
GetFileAttributesA
HeapCreate
HeapValidate
GetModuleFileNameW
GetACP
GetConsoleOutputCP
GetLastError
SetUnhandledExceptionFilter
GetProcAddress
HeapSize
GetAtomNameA
OpenWaitableTimerW
CreateHardLinkW
CreatePipe
ConvertDefaultLocale
SetConsoleTitleW
GetModuleHandleA
HeapSetInformation
GetCurrentDirectoryA
DeleteCriticalSection
SetCalendarInfoA
FindAtomW
FlushFileBuffers
CloseHandle
GetConsoleAliasExesLengthA
GetLongPathNameW
GetNumaProcessorNode
CreateFileW
HeapAlloc
EncodePointer
DecodePointer
HeapReAlloc
ExitProcess
GetCommandLineA
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
Sleep
HeapFree
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
RtlUnwind
SetStdHandle
WriteConsoleW
MultiByteToWideChar
LCMapStringW
GetStringTypeW
IsProcessorFeaturePresent
RaiseException
user32
GetMonitorInfoA
advapi32
GetPrivateObjectSecurity
RegCreateKeyA
ole32
CoTaskMemFree
winhttp
WinHttpOpen
Sections
.text Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 147KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ