Static task
static1
Behavioral task
behavioral1
Sample
e1cef887d0bcfd43407c6cb989ce8922.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
e1cef887d0bcfd43407c6cb989ce8922.exe
Resource
win10v2004-20240226-en
General
-
Target
e1cef887d0bcfd43407c6cb989ce8922
-
Size
160KB
-
MD5
e1cef887d0bcfd43407c6cb989ce8922
-
SHA1
dcdaea78d011e4c6b3a3e29f08a49e74f6fa1d58
-
SHA256
e7baf79aef7d376cb02f43abc102319561e9bf0da9e3a97757d8a418e5a78fa1
-
SHA512
c49874d1b965a79c812e1fc773e99ccdf5474b8dbfa164451b3725bcfa5218a36ea291e9cda76590eb972e006c340da33ff01154a4cb10288ae832537768a74d
-
SSDEEP
384:7o/WJKLJYA7H6iJyO/tkRK6/+TqvTsRU28888888888888888888888O2Rep4TKX:7oOJKLJlLg+r0VdmB/Bub5vNqNOGqe
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e1cef887d0bcfd43407c6cb989ce8922
Files
-
e1cef887d0bcfd43407c6cb989ce8922.exe windows:4 windows x86 arch:x86
27d0386d619f169c99029655f6c15340
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord696
MethCallEngine
ord516
ord628
ord631
ord632
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
ord606
ord608
ProcCallEngine
ord644
ord572
ord100
Sections
.text Size: 152KB - Virtual size: 151KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ