Static task
static1
Behavioral task
behavioral1
Sample
dc7f7283539fe48c058303b9bfba87a569212e459efc65d82558d421b2a36b41.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
dc7f7283539fe48c058303b9bfba87a569212e459efc65d82558d421b2a36b41.exe
Resource
win11-20240426-en
General
-
Target
dc7f7283539fe48c058303b9bfba87a569212e459efc65d82558d421b2a36b41
-
Size
1.8MB
-
MD5
630b7f9d5d5ef713146453992006a06c
-
SHA1
621dabd8aa08568fce594c23a7849361d11f244c
-
SHA256
dc7f7283539fe48c058303b9bfba87a569212e459efc65d82558d421b2a36b41
-
SHA512
f037c41dcedb266544512d6ab5c96276d8e6e442c8f3944826beae30343b6731ffa6fe3fc3eccd902696feb08c88f7138cc70d022d150abe0106b39f13070dfb
-
SSDEEP
49152:FGapxHKX4irJww6+AO4n7ozTt5u3+zOA7eyRj:FN1KDrJV6+Ann7oHtMaveM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
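Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, because many legitimate binaries are also unsigned; weigh it together with the import table and section layout listed under Files.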
Processes:
resource dc7f7283539fe48c058303b9bfba87a569212e459efc65d82558d421b2a36b41
Files
-
dc7f7283539fe48c058303b9bfba87a569212e459efc65d82558d421b2a36b41.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
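Sections
Note: every section except .rsrc and .idata is both writable and executable, two sections have no name shown, one has a raw size of 512B against a virtual size of 2.7MB, and the import table lists a single function; this layout is consistent with a packed or protected executable, so the static view here is unlikely to reflect the code that actually runs.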
(no section name shown) Size: 182KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
(no section name shown) Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xshzywbr Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vccaryoz Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE