Static task: static1
Behavioral task: behavioral1
Sample: de8e57ce36c3b6d7a08e9d8291d64f34.exe
Resource: win7-20240215-en
General
Target: de8e57ce36c3b6d7a08e9d8291d64f34
Size: 274KB
MD5: de8e57ce36c3b6d7a08e9d8291d64f34
SHA1: eb9dc8c686c18c4d88bcbc74805cf73a4f760122
SHA256: c069224235b4f48f9835b50a00d791a0d2e98a34c2073b60a51aea2e1c9bfbd2
SHA512: 59df4e64cf95770a4e64990f8346c9f9376fcfd31d2c8c3bca315683c70959b1a5f4c0f8d7e4a3d389e87bf384133c83b7c0b2ba68838bea9ba33fa572cd74ed
SSDEEP: 6144:5dZ8oLDWKzjZcYrieLvzbNqWf2WeNR51WHhDxw2Qvgx4:7LpzjeWLfmRHMhDxw2n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource de8e57ce36c3b6d7a08e9d8291d64f34
Files
de8e57ce36c3b6d7a08e9d8291d64f34.exe windows:4 windows x86 arch:x86
6ca8116d2eae880ce976010c9bb6deab
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
GetTimeFormatA
GetDateFormatA
GetACP
TlsAlloc
VirtualAlloc
GetOEMCP
GetConsoleOutputCP
IsValidCodePage
SetFilePointer
EnumResourceTypesA
RtlUnwind
HeapReAlloc
TlsGetValue
GetLocaleInfoA
MultiByteToWideChar
TlsSetValue
IsSystemResumeAutomatic
WriteConsoleA
HeapSize
GetCPInfo
SetStdHandle
RaiseException
version
GetFileVersionInfoA
shell32
SHDefExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
DragAcceptFiles
SHBrowseForFolderA
ShellExecuteExA
Shell_NotifyIconA
Sections
.text Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 137KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ