Static task
static1
Behavioral task
behavioral1
Sample
1e19566e509e147d99babae1b63b9fdf6add9802b0920c536546dfdf112b0354.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1e19566e509e147d99babae1b63b9fdf6add9802b0920c536546dfdf112b0354.exe
Resource
win10v2004-20240611-en
General
Target
1e19566e509e147d99babae1b63b9fdf6add9802b0920c536546dfdf112b0354
Size
147KB
MD5
989b29681f22c0c7561e441bbf6cb64c
SHA1
9af369fb52aa633ce14a73ccc61ed2b42e239284
SHA256
1e19566e509e147d99babae1b63b9fdf6add9802b0920c536546dfdf112b0354
SHA512
9adb9722fe1cdfc33df937fa6e53b5f8e848e889baa4b1fb19f9cef35eaadba414ac6b0126693c4f395ce023cc74a6563e22c21a3035aeeac8c73c8c46910c70
SSDEEP
3072:/xy0oU7ZcUsxkwfY7yfyzwkV+7QlPWOE9SH:o0oYCxdfQGBk7Rv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1e19566e509e147d99babae1b63b9fdf6add9802b0920c536546dfdf112b0354
Files
1e19566e509e147d99babae1b63b9fdf6add9802b0920c536546dfdf112b0354.exe windows:5 windows x86 arch:x86
a4bf319a585f02845ec40871b089179d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleWindow
CreateFileW
SetStdHandle
WriteConsoleW
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
DecodePointer
EncodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
LoadLibraryW
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
IsProcessorFeaturePresent
HeapSize
CloseHandle
user32
ShowWindow
ole32
CoUninitialize
CoInitializeSecurity
CoInitializeEx
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ