Static task
static1
Behavioral task
behavioral1
Sample
setup.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
setup.exe
Resource
win10v2004-20240412-en
General
-
Target
setup.exe
-
Size
7KB
-
MD5
24d8f60111e8db49789e0582e3f69146
-
SHA1
70d1eb3898bbf2efce3f70d7e8782546a01de251
-
SHA256
0397446de827fc7c5e161061fafb5e1a72847a9d653a675c7b2ae7b687c620c8
-
SHA512
2b8c4065423aa095a121650d92fec94d67cf6afc4e260a5ff3a413513967feffc61668b0840f69aeb4ab5956e5a793b5033b5600002d7d81e3b4594b083b4e05
-
SSDEEP
192:5gUnRiZuUuMva6P93LAzq72i2LqPXbX/:lzlMv33LGDiY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource setup.exe
Files
-
setup.exe.exe windows:4 windows x64 arch:x64
168819debd607a76e24e61fc481cc1c0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
memset
srand
rand
_time64
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit
kernel32
VirtualAlloc
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ