Static task
static1
Behavioral task
behavioral1
Sample
03703c3ac4b9317b6e724f735c00844846c4d677451db2067aa90f8dddce4af2.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
03703c3ac4b9317b6e724f735c00844846c4d677451db2067aa90f8dddce4af2.exe
Resource
win10v2004-20240426-en
General
Target: 03703c3ac4b9317b6e724f735c00844846c4d677451db2067aa90f8dddce4af2
Size: 1.1MB
MD5: c027789373489a23c448b0e9551c4f68
SHA1: 9503948d90f7c02232c1ab8e0c677e65bc3c2972
SHA256: 03703c3ac4b9317b6e724f735c00844846c4d677451db2067aa90f8dddce4af2
SHA512: c12dfb37c7f2240f6685d129af33c994fab6babca5e20e68f95a3325fee3738b7afdd8af20e4dcc0e020aa36d42d821a9901c7ac2a6bc3eec2ee2fc92b47a913
SSDEEP: 24576:AG64Xy3SKnAfaMpTFn48B76Q/0u0YGgbefLmC:oCDSYZB76PYGgaSC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 03703c3ac4b9317b6e724f735c00844846c4d677451db2067aa90f8dddce4af2
Files
03703c3ac4b9317b6e724f735c00844846c4d677451db2067aa90f8dddce4af2.exe windows:5 windows x86 arch:x86
e8910e92a5e50e6919c99830a61cfd03
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
user32
IsChild
advapi32
CheckTokenMembership
Sections
Size: - Virtual size: 1008KB
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 93KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE