Static task
static1
General
Target: decrypt-a6.exe
Size: 949KB
MD5: 4791410eb1f7791580d0b52ffe059d85
SHA1: 965398fdf41237025165690ce05c45f234dd6482
SHA256: 4c2a6d46e5e5963a213638c8db97223f7fc5407824af01c504096dd85e5ba8f6
SHA512: 9d3fbdfecee773257f202b6393ec3682037a95e4e1b986830b6ed73ea93f4927c331a68572b60c7a4abc87cb8326b33255d371eb4efaf90e9cf2391abcce7efa
SSDEEP: 24576:HpiXhwGNyLRuBHs8AmDDXw9QXwnXiee06BuAoHt+:JiXy+Hs8AmSipBuAoHt+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource decrypt-a6.exe
Files
decrypt-a6.exe.exe windows:5 windows x86 arch:x86
ff77fcfb8ab4b75b44edc89d49ad201f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
GetLastError
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileAttributesExW
RemoveDirectoryW
SetFileAttributesW
SetFilePointerEx
DeviceIoControl
GetModuleHandleW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
SetStdHandle
LocalFree
WideCharToMultiByte
FormatMessageW
SetEndOfFile
GetSystemInfo
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
InterlockedPushEntrySList
RaiseException
RtlUnwind
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
HeapReAlloc
HeapSize
GetTimeZoneInformation
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
WriteConsoleW
advapi32
CryptReleaseContext
CryptAcquireContextA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptGenRandom
Sections
.text Size: 688KB - Virtual size: 687KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ