Static task
static1
General
Target
TM5.exe
Size
36KB
MD5
cdcae31380ad1d3fa4f3579a77c60516
SHA1
38ba828bade3f84e03c0179f1465aa946d3ab9e5
SHA256
65286d877a5e987fe385220af8f42130f5f6b43645eee096c4fd21cd22deac7c
SHA512
8b7d3655f5d12a42dd8a341bd9c4b2f9b3ad708a21c3a1f01c022b2c10fcd8eabc761a8854e39a34837b6235e226317fe7d946dc041bdd546e0bbe331b42942a
SSDEEP
768:aabgunPJRyK4QjjuWnXe786PX3XPAP6h9:aGxPJRyKPuWnOwaX3XPAg9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource TM5.exe
Files
TM5.exe.exe windows:6 windows x86 arch:x86
Password: password
281b24d631f8fd82296159f0d6e07fcf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetPriorityClass
SetThreadPriority
Sleep
TerminateProcess
TerminateThread
VirtualAlloc
ReadFile
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
QueryPerformanceFrequency
QueryPerformanceCounter
SetFilePointer
MapViewOfFile
LoadLibraryA
HeapFree
HeapAlloc
GlobalMemoryStatusEx
GlobalFree
GlobalAlloc
GetVersion
GetUserDefaultLangID
GetTickCount
GetSystemInfo
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
RtlZeroMemory
MultiByteToWideChar
GetLastError
GetFileSize
GetCurrentThread
GetCurrentProcess
GetCompressedFileSizeA
GetCommandLineA
ExitThread
ExitProcess
CreateThread
CreateProcessA
CreateFileMappingA
CreateFileA
VirtualFree
CloseHandle
user32
wsprintfA
SendMessageA
SetWindowTextA
SetWindowPos
SetWindowLongA
SetTimer
SetForegroundWindow
SetDlgItemTextA
GetWindowPlacement
MessageBoxA
LoadIconA
GetWindowRect
GetWindowLongA
GetSysColor
GetDlgItem
GetDlgCtrlID
DialogBoxParamA
tm5
InitCommonControls
InitCommonControlsEx
Sections
.text Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 276KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ