Static task
static1
Behavioral task
behavioral1
Sample
21a5f84d3ce8ef970879597b573b503163ee02c35655204b9248c4c6635be185.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
21a5f84d3ce8ef970879597b573b503163ee02c35655204b9248c4c6635be185.exe
Resource
win10v2004-20240226-en
General
-
Target
21a5f84d3ce8ef970879597b573b503163ee02c35655204b9248c4c6635be185
-
Size
1.4MB
-
MD5
980c5c056262ee74e906147f51b09398
-
SHA1
aa62ecad47cab293e7053437c6b6589ad28dcd63
-
SHA256
21a5f84d3ce8ef970879597b573b503163ee02c35655204b9248c4c6635be185
-
SHA512
7132cf9b7085f7908bf2490c6477b2af7fede75683e2c4a4817aec43d37a9da448c5e04465bec71d55c6f4ce811655b139d42d8aae7077491962f7cbada6f57b
-
SSDEEP
24576:TJuDrVOUm1/7jeuE2+s6d100U8E/wcdJhiSDQi6+MpR/hZCB:YrVOd1/7jU1QiIJhP6+MpsB
Malware Config
Signatures
-
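Unsigned PE (1 IoC)
Checks for missing Authenticode signature. The sample carries no Authenticode signature, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator, because many benign executables are also unsigned.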
resource 21a5f84d3ce8ef970879597b573b503163ee02c35655204b9248c4c6635be185
Files
-
21a5f84d3ce8ef970879597b573b503163ee02c35655204b9248c4c6635be185.exe windows:4 windows x86 arch:x86
2bd3390d5feba0062b4fbb170dd4b2a9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEndOfFile
user32
GetMenuItemCount
gdi32
SelectClipRgn
winmm
midiStreamRestart
winspool.drv
ClosePrinter
advapi32
RegCloseKey
shell32
ShellExecuteA
ole32
OleInitialize
oleaut32
UnRegisterTypeLi
comctl32
ImageList_Destroy
ws2_32
recvfrom
comdlg32
GetFileTitleA
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
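Sections
Note: in the listing below, .text and the first .sedata section are both writable and executable, and .text has a virtual size (852KB) more than twice its raw size (396KB). Together with an import list that names a single function per DLL, this is consistent with a packed or protected binary, so the static imports above may not reflect the APIs used at run time.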
.text Size: 396KB - Virtual size: 852KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 976KB - Virtual size: 976KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ