Static task
static1
General
Target
AtomicParsley.exe
Size
228KB
MD5
2c981b9276b7b4a1a03b628431a06ef7
SHA1
458cc4002225d8d4223230ebebc9041a9a0f47f1
SHA256
5afcc51d9a261416a43ff1017f3eb2c0b38878ca5902a480cc19b557e97305d8
SHA512
b9899b1b2263068a8fe175f32ffbed86c87b7a3e01c0c4970bed7acdcdd2d0c35b62d8aea99e547a58d6c809e54469a109440c0df979b33c6127b0d6b87f4292
SSDEEP
3072:FDM/M6MmgZ9kyDVAEsZVwxTZBgrMeIvG+XAeGWgBH8zhJEAhmHXscyLtbnrWajFl:QM6rlow34lBgrMeIuATGWGekX504C
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource AtomicParsley.exe
Files
AtomicParsley.exe.exe windows:4 windows x86 arch:x86
2452071c1a69b528aa9ee02fba131c2e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFilePointer
WriteFile
WideCharToMultiByte
SetConsoleCP
GetConsoleOutputCP
WriteConsoleW
GetConsoleMode
GetFileType
GetStdHandle
GetVersion
HeapFree
HeapAlloc
GetLastError
MultiByteToWideChar
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
MoveFileA
MoveFileW
DeleteFileW
DeleteFileA
SetConsoleCtrlHandler
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ReadFile
GetVersionExW
GetFullPathNameW
GetCurrentDirectoryA
CloseHandle
FlushFileBuffers
GetFileAttributesA
GetFileAttributesW
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
RtlUnwind
GetModuleFileNameA
SetStdHandle
GetCurrentDirectoryW
LCMapStringA
LCMapStringW
CreateFileA
CreateFileW
GetStringTypeA
GetStringTypeW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateProcessW
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
LoadLibraryA
GetFullPathNameA
GetDriveTypeA
SetEndOfFile
SetEnvironmentVariableW
FindFirstFileA
Sections
.text Size: 152KB - Virtual size: 149KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE