Resubmissions
27/05/2024, 16:45
240527-t9cdgabf37 7
Static task
static1
General
Target: Patch.v1.3.exe
Size: 12.2MB
MD5: 86ec3250650aa78907688d0a2c271375
SHA1: 97b1885fd9eb0e33c99bd30dac629acf16d50123
SHA256: 4c858e9b63ae2f856af7f1c090d5ce3d8c75246e9c0f7018ff57efb87addd0ef
SHA512: b3e26968bc5e609050cae8efed5857196948e82ecd036eb9eb7e958be42d2be21836ea5b274daf7c4b814f77b0f0d6df43364e12b2272e50955a4f15433fe18f
SSDEEP: 196608:ngxaKCCYjJP0uQv2kQ9P0Qyz3CBZMzy15KTJITj0:cNhm4z3C3MzyaEj0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Patch.v1.3.exe
Files
Patch.v1.3.exe.exe windows:1 windows x86 arch:x86
a07b72e5e585908fbc603a8a00070663
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
LoadResource
lstrlenA
FindResourceA
WriteFile
LockResource
CreateFileA
LoadLibraryA
CloseHandle
FreeResource
DeleteFileA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetWindowsDirectoryA
SetFilePointer
VirtualFree
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
UnhandledExceptionFilter
ExitProcess
GetLastError
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
GetVersion
VirtualAlloc
FlushFileBuffers
GetCommandLineA
GetCurrentProcess
GetEnvironmentStrings
SetEndOfFile
ReadFile
GetStartupInfoA
SetStdHandle
user32
GetParent
GetSysColor
LoadStringA
MoveWindow
PeekMessageA
LoadBitmapA
GetDesktopWindow
GetWindowRect
CreateDialogParamA
OemToCharA
DrawEdge
InvalidateRect
RegisterWindowMessageA
LoadIconA
LoadCursorA
RegisterClassA
DialogBoxParamA
CharToOemA
MessageBoxA
ExitWindowsEx
SendMessageA
GetDC
UpdateWindow
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
ReleaseDC
GetDlgItemTextA
SetWindowTextA
wsprintfA
SetDlgItemTextA
EnableWindow
EndDialog
GetDlgItem
BeginPaint
EndPaint
PostQuitMessage
SetFocus
DefWindowProcA
GetClientRect
CreateWindowExA
ShowWindow
IsDlgButtonChecked
CheckDlgButton
DrawTextA
gdi32
CreateSolidBrush
GetObjectA
DeleteDC
DPtoLP
StretchBlt
SetMapMode
BitBlt
SelectObject
CreateCompatibleDC
GetMapMode
SetBkMode
Rectangle
DeleteObject
CreateHatchBrush
GetStockObject
comdlg32
GetOpenFileNameA
CommDlgExtendedError
advapi32
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 7KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 736KB - Virtual size: 735KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ