Static task
static1
Behavioral task
behavioral1
Sample
093bc49ab25cc6a20d95155db80f1fa8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
093bc49ab25cc6a20d95155db80f1fa8.exe
Resource
win10v2004-20240508-en
General
-
Target
093bc49ab25cc6a20d95155db80f1fa8.exe
-
Size
753KB
-
MD5
093bc49ab25cc6a20d95155db80f1fa8
-
SHA1
b1ed1ffa34d4e909e30e8a3a299a22d5101380e1
-
SHA256
0824eac1ce23de2321bce82efce874ab3c213d15f1a120d8ec08c85c7fbc250b
-
SHA512
bec9a628e91f16cd4bdfcda85f30a447ab2e817acdfcee307187cb2d5aaff32eb3fa3b659f810aca40290f97ff59122873d60e3fe9988d2195da0b6cb0870722
-
SSDEEP
12288:mUvKFtlyYqn58iP23JOcXYkrCQNkfCVvd487NYe3VqiYT6K3ifW+Janl:glyY058i0OuIQNkfCb4IV2iW+Janl
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 093bc49ab25cc6a20d95155db80f1fa8.exe
Files
-
093bc49ab25cc6a20d95155db80f1fa8.exe.exe windows:4 windows x64 arch:x64
e4a8172b80d7ea86eeba3123e2be5bfe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
GetLastError
CreateMutexA
LoadLibraryA
user32
MessageBoxA
wsprintfA
Sections
.data Size: - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 642KB - Virtual size: 642KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ex_cod Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ