Static task
static1
General
-
Target
e5fb190cb34afa45533f59258b8415cd2788042a5e7b83b2c1560c0189b3a521
-
Size
1.9MB
-
MD5
42ad64483405b6ce53c4966870c902ec
-
SHA1
c21642320252e799c8fdb2b88acf177254dccacf
-
SHA256
e5fb190cb34afa45533f59258b8415cd2788042a5e7b83b2c1560c0189b3a521
-
SHA512
62624070f30d2095ff53c0dee499c77f00e45c1c251a64cf18f7b885742ea0c5a0f4b931a01ecdbb10303be4763f6e7eb7d315ce13e2b8947df2d7ccbc0c2db0
-
SSDEEP
49152:JzJDEdJKf9YW60mnIZ8dBbFwSJ9jtFVSu1oU09z8:JzJDGIf9YJ0oI6BBwSRxc
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource e5fb190cb34afa45533f59258b8415cd2788042a5e7b83b2c1560c0189b3a521
Files
-
e5fb190cb34afa45533f59258b8415cd2788042a5e7b83b2c1560c0189b3a521.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 181KB - Virtual size: 404KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
behqjawt Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xiqwzqcg Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE