Static task: static1
Behavioral task: behavioral1
Sample: 430492f325292bb007cf8913eed4d042ecabad89aabafd34d3be375016e7795a.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 430492f325292bb007cf8913eed4d042ecabad89aabafd34d3be375016e7795a.exe
Resource: win10v2004-20240508-en
General
Target: 430492f325292bb007cf8913eed4d042ecabad89aabafd34d3be375016e7795a
Size: 1.1MB
MD5: bb3f13a877b7bce490965d5be1abbeb3
SHA1: f4068d17e85a99a869c99d36c6214c34a1c067d9
SHA256: 430492f325292bb007cf8913eed4d042ecabad89aabafd34d3be375016e7795a
SHA512: 53d6c98cf387dd73a844cf853aa1b5b1b4ab0934e3da2f5e1d6eb55b4173299a885e7ba295a16930b2bef8747f086f45991334a65b5a2455fbc12ca5b95effc1
SSDEEP: 24576:GU2Nmt559j0wK0LnOsPSC34+iMxdzjFA6af6FKRR:GUB55apKD7vrxNaB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 430492f325292bb007cf8913eed4d042ecabad89aabafd34d3be375016e7795a
Files
430492f325292bb007cf8913eed4d042ecabad89aabafd34d3be375016e7795a.exe windows:5 windows x86 arch:x86
e8910e92a5e50e6919c99830a61cfd03
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
user32
IsChild
advapi32
CheckTokenMembership
Sections
Size: - Virtual size: 1008KB
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 93KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE