Static task
static1
Behavioral task
behavioral1
Sample
2693a87566ffbc83aa55b5f8120ac6bd6dcbd485811291406ada42516fac6dec.exe
Resource
win10v2004-20240426-en
General
Target: 2693a87566ffbc83aa55b5f8120ac6bd6dcbd485811291406ada42516fac6dec
Size: 1.8MB
MD5: 5ab1838d467627b45eaed95196038a1a
SHA1: 03ea9152975aeef92944785179b8c93943bb1adc
SHA256: 2693a87566ffbc83aa55b5f8120ac6bd6dcbd485811291406ada42516fac6dec
SHA512: 742ca9bd0ea367ded1b09aba82d7ab4d4d1b983fc0e35c08d676857c31b5ae0244b3381d070ebd7a275d16a28c7f02303be830cc445b124cb10e20d03d9b274d
SSDEEP: 49152:wc9Ov+S+4pZ6lzplbtr296AK7W/H5KQ4C/gMx20Ck:w+OPNIxplw9xL/ZKcYMxF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2693a87566ffbc83aa55b5f8120ac6bd6dcbd485811291406ada42516fac6dec
Files
2693a87566ffbc83aa55b5f8120ac6bd6dcbd485811291406ada42516fac6dec.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
zapplmaj Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jmgwlwmc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE