Static task
static1
Behavioral task
behavioral1
Sample
56c9ee8384ad1c644b39c12680e3b12f0dc4cbb70eec3728198061cbfa34cf2a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
56c9ee8384ad1c644b39c12680e3b12f0dc4cbb70eec3728198061cbfa34cf2a.exe
Resource
win10v2004-20240412-en
General
-
Target
56c9ee8384ad1c644b39c12680e3b12f0dc4cbb70eec3728198061cbfa34cf2a
-
Size
230KB
-
MD5
27bc9ac28c838bf968bc10e409d23fc7
-
SHA1
146e7f322dc5d68fb078ddca987c9c1fc2778a13
-
SHA256
56c9ee8384ad1c644b39c12680e3b12f0dc4cbb70eec3728198061cbfa34cf2a
-
SHA512
91bf730589d05b2c41bcf5de2f4374c72ee88ee43da31e71e3c8144b7b38abaaab538d49712c35f8dda436fcc215f1e1f4d0be48dfb8d4dc1410df93cd4db429
-
SSDEEP
3072:/MDCkU0Pj25agjZhUwuxCkKg34um3ZW7zcyEB66tRNy9+ikEV9aUMjIh14t/a:UZxL2vaCk77zZEY69iT3aUMU2S
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 56c9ee8384ad1c644b39c12680e3b12f0dc4cbb70eec3728198061cbfa34cf2a
Files
-
56c9ee8384ad1c644b39c12680e3b12f0dc4cbb70eec3728198061cbfa34cf2a.exe windows:5 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 202KB - Virtual size: 596KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 24B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE