Static task
static1
Behavioral task
behavioral1
Sample
fd186d2994d3357f4168b85ebad83df2455704248091a118bb8288d14eb771f7.exe
Resource
win10v2004-20240508-en
General
-
Target
fd186d2994d3357f4168b85ebad83df2455704248091a118bb8288d14eb771f7
-
Size
1.8MB
-
MD5
cd9407ed0f3449be68d81f2d84b76d23
-
SHA1
45aa1e2ccc28850da9aab93b7f6fcf28fe152421
-
SHA256
fd186d2994d3357f4168b85ebad83df2455704248091a118bb8288d14eb771f7
-
SHA512
10fbc40abf6c988426305ea672b8af86acb169b817af9e9b2bcef13dc00ee5459f8c7cac41e83c74e2572a88a2a4cd200895398f19adce7ea2580470e4fe1741
-
SSDEEP
49152:HQ5f3Xe4TsuqIc4uwuqfRX11O7qn/UolilvHfxbbZ:HQBu4TjqIcufRF1Mc/Uz1xb9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Static check by the sandbox: the PE file carries no Authenticode signature.
Processes:
resource fd186d2994d3357f4168b85ebad83df2455704248091a118bb8288d14eb771f7
Files
-
fd186d2994d3357f4168b85ebad83df2455704248091a118bb8288d14eb771f7.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
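Sections (two entries are listed without a name; five of the seven are flagged both writable and executable, which, together with the single kernel32 import, is commonly seen in packed or protected binaries)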
(no section name shown) Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
(no section name shown) Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xpgcvhdi Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pxmnbiag Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE