Static task
static1
Behavioral task
behavioral1
Sample
cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886.exe
Resource
win10v2004-20240226-en
General
-
Target
cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886
-
Size
1.8MB
-
MD5
727c54fa3a9c67f729c897be63eb2ee0
-
SHA1
c94e05a7dd1573c0df9d2f8e9a2f1e10d0174c23
-
SHA256
cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886
-
SHA512
ebf23a591fc7a602e9b1983ea54b724bdc455a4ef2e1ab40117f44fae66c5c249d34ec8809798129bdacf1a6c03f8aefde4c1bd8a4b4cea753b1dd267bee196c
-
SSDEEP
49152:c3aSs2sPNe5AMy5w0e8VfQI/K3XAZodvOh:GyPglrn8OIydd
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886
Files
-
cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 181KB - Virtual size: 404KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
oboziegh Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ptqbuzdq Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE