Static task
static1
Behavioral task
behavioral1
Sample
CEE6FEC13026BBCFD6081FB4711C5F3577E005F4.exe
Resource
win10v2004-20240419-en
General
-
Target
CEE6FEC13026BBCFD6081FB4711C5F3577E005F4.exe
-
Size
438KB
-
MD5
788fcddd88240a85039f7f561093b118
-
SHA1
6b5b2ef60b3ec25a4083b1629a4fd51574428ea1
-
SHA256
c6592c2061c39ea8ed94d1f6854e16a722dc461f4d5b907b0230452d07d4cce3
-
SHA512
80767a86cac615cab303455c89e23adb32703abcfd5b3fc5b32fa69aebb13ea1ef33cd7d938e6c2b798e6a1ea60ce869afeef18e50826de0105abcc1eed21a44
-
SSDEEP
12288:qVXL0Qs04uIf8pwMvrxQuamXOCE+hMJ0kyN:0XLxs5YGb+hMJj
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource CEE6FEC13026BBCFD6081FB4711C5F3577E005F4.exe
Files
-
CEE6FEC13026BBCFD6081FB4711C5F3577E005F4.exe.exe windows:1 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
CODE Size: 425KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE