Static task
static1
Behavioral task
behavioral1
Sample
cf3db033ddbcf46748703496d3725309b0dfd76d86a8158d9bf7823b97a72e8d.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
cf3db033ddbcf46748703496d3725309b0dfd76d86a8158d9bf7823b97a72e8d.exe
Resource
win10v2004-20240508-en
General
Target
cf3db033ddbcf46748703496d3725309b0dfd76d86a8158d9bf7823b97a72e8d
Size
356KB
MD5
277068c3d1ec38c4712e695eeafb6a9c
SHA1
92c495cd8f63ddbc7e28efc33246b20bb4fbe2ad
SHA256
cf3db033ddbcf46748703496d3725309b0dfd76d86a8158d9bf7823b97a72e8d
SHA512
f620b16d9b5b074d784d5943989fce40b8b68ec152523dbf7cc7daf4a6c7acfe18809f868593081a8e4bb9f4ae4e67ce63843f8c9a068d557e63ad2da31aef88
SSDEEP
6144:/ulLZM3j7QmPbWDSKwNhzygoEwto7J5OWm0+/WXHhQ3vgmqA8Oi4qQ79xJSQ:/eWHBWSZvzyNe7JMFuS18y59CQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource cf3db033ddbcf46748703496d3725309b0dfd76d86a8158d9bf7823b97a72e8d
Files
cf3db033ddbcf46748703496d3725309b0dfd76d86a8158d9bf7823b97a72e8d.exe windows:5 windows x86 arch:x86
ed264955f20d83c8f7c9958892120459
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
user32
DefWindowProcW
advapi32
RegCloseKey
Sections
Size: - Virtual size: 168KB
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 93KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE