Static task
static1
Behavioral task
behavioral1
Sample
de3b315d129b1d8392c9975ef5917a10.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
de3b315d129b1d8392c9975ef5917a10.exe
Resource
win10v2004-20240226-en
General
Target
de3b315d129b1d8392c9975ef5917a10
Size
45KB
MD5
de3b315d129b1d8392c9975ef5917a10
SHA1
cd57d43d194c476211b97f160b4905545d48f243
SHA256
d456df6b7e01e27dc1dfecaef0c38776aa07690030990007b4daa3119b0e30db
SHA512
4c952a66aadc7d5446115aac4745637bbc6da0b443154ddc446a0628691cbac40d139542837883e0afecca5c4ec737a0a245fa06f2084a7c63b57e78beba8eb5
SSDEEP
768:TgUsDdMs+P5e8dv12XXRd2+6FgnM+TddcxlQ/iidyhbZGwze5V9jnUApRP:TgUyKP5eOUHRd2nFxcKlQ/lQh1GB5V1N
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de3b315d129b1d8392c9975ef5917a10
Files
de3b315d129b1d8392c9975ef5917a10.exe windows:4 windows x86 arch:x86
6f1a827dec3fbbed96b0855f2ccec630
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BeginUpdateResourceA
DeleteFiber
GetProcAddress
GetModuleHandleA
Heap32Next
SetConsoleCP
VirtualProtect
VerifyVersionInfoA
VirtualFree
VirtualAlloc
WaitForMultipleObjects
ws2_32
connect
advapi32
RegCreateKeyExA
shell32
ShellExecuteA
Sections
.code Size: - Virtual size: 140KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.code Size: 44KB - Virtual size: 48KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE