Static task
static1
Behavioral task
behavioral1
Sample
e2e490708a2bc4c56a69c789b7e7c4bc8e459cbf134f6939a8b5f0c0fd866e9d.exe
Resource
win7-20240419-en
General
Target: e2e490708a2bc4c56a69c789b7e7c4bc8e459cbf134f6939a8b5f0c0fd866e9d
Size: 1.8MB
MD5: e028697f9ea3cf71eb2a70fecfc6d024
SHA1: d26b461b476d47fb6184533dd09f0904c4d337d7
SHA256: e2e490708a2bc4c56a69c789b7e7c4bc8e459cbf134f6939a8b5f0c0fd866e9d
SHA512: 4cd2107e84ac474c93cddbfe4965480f7311c4e6d94d5417993aa70badde72928fcfbb7373eef6117d3d6152aed59c4c549e2483a95f7ba0454caf4aa719d71d
SSDEEP: 49152:p5OFY3dvfRkEAxw/tJ6HkjTZ0MwjrDOCI5hFaRMVV:JtvOwWHqgrDS0RMT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource e2e490708a2bc4c56a69c789b7e7c4bc8e459cbf134f6939a8b5f0c0fd866e9d
Files
e2e490708a2bc4c56a69c789b7e7c4bc8e459cbf134f6939a8b5f0c0fd866e9d.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 1.8MB - Virtual size: 5.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE