Static task: static1
Behavioral task: behavioral1
Sample: f8dc0023784da2049fdb5dd187ce4b92832518e89dbb467a016a4daaa06718d7.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: f8dc0023784da2049fdb5dd187ce4b92832518e89dbb467a016a4daaa06718d7.exe
Resource: win10v2004-20240426-en
General
Target: f8dc0023784da2049fdb5dd187ce4b92832518e89dbb467a016a4daaa06718d7
Size: 356KB
MD5: e3def5511bcc25dc39a3b0ef72a211e3
SHA1: 36125aefe24b86c2692a3b4a23efc4fd9016c031
SHA256: f8dc0023784da2049fdb5dd187ce4b92832518e89dbb467a016a4daaa06718d7
SHA512: 3555d67fa9cf6db180799cabb38c47f3722d404f4df6738fd96ac9376d8710d165a4c65266eb8dc76f02ac3809c90b68c0cd41e4114815c511775060024cddbf
SSDEEP: 6144:2U2EJrZ5g9ggTjwLJc1i8WUrcIOVVK5JZpe9Yg9ZuysvBXfCxG6Ob0q6ynU7zLNf:cEJ09lE2occLgzqZzHs5vCRa0WnUfJSJ
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes:
resource f8dc0023784da2049fdb5dd187ce4b92832518e89dbb467a016a4daaa06718d7
Files
f8dc0023784da2049fdb5dd187ce4b92832518e89dbb467a016a4daaa06718d7.exe windows:5 windows x86 arch:x86
ed264955f20d83c8f7c9958892120459
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: GetModuleHandleA
user32: DefWindowProcW
advapi32: RegCloseKey
Sections
Size: - Virtual size: 168KB
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 93KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE