Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.SpywareX-gen.10108.26198.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.SpywareX-gen.10108.26198.exe
Resource
win10v2004-20240508-en
General
-
Target
SecuriteInfo.com.Win32.SpywareX-gen.10108.26198.exe
-
Size
2KB
-
MD5
5af24afbd5017ff783db346dfbdc06f0
-
SHA1
161feb5b9791b0a775874b5b069213e1720d5648
-
SHA256
ba845e3e751e1603da39791f65c58ebd1f4fbf566c6e6e22b039dc054e9bde7e
-
SHA512
7cd8236cde345044e062299125db07b404ffa6452afbbd3a235bd53f7f8dd62a8f50913e9b4813b6c2729f7afb9f35ce41bc987f95044ecc13700467195b9029
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource SecuriteInfo.com.Win32.SpywareX-gen.10108.26198.exe
Files
-
SecuriteInfo.com.Win32.SpywareX-gen.10108.26198.exe.exe windows:1 windows x86 arch:x86
56b3e86797f3d49ac93857243da9f2d3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
GetStdHandle
ReadFile
msvcrt
printf
strtoul
Sections
.data Size: 512B - Virtual size: 11B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 320B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 208B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ