Static task
static1
Behavioral task
behavioral1
Sample
2a9bf696f1af170e0e1b5ede752a1578.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2a9bf696f1af170e0e1b5ede752a1578.exe
Resource
win10v2004-20240508-en
General
-
Target
2a9bf696f1af170e0e1b5ede752a1578.exe
-
Size
4.1MB
-
MD5
2a9bf696f1af170e0e1b5ede752a1578
-
SHA1
96b9f6c7398fc9c0cc44534dfabe08f0583baf3a
-
SHA256
d8f0a37788e14306d6f5a6b15417aec0c76d08fd9c788871ad50a9ac7cd6c73f
-
SHA512
8236468322838e166fe46614dd0f90c576031ef55abfd79b249def9d320bd89b277bf3b7c84bf669480b0504637d1b93b565be5d17eae6065d2418604c25c80d
-
SSDEEP
98304:alO2xqX9gK/NBJMYpntAecuJ4hLm0amUXzEnk4:a82x3KHJMOAecuJ4hLGmd
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2a9bf696f1af170e0e1b5ede752a1578.exe
Files
-
2a9bf696f1af170e0e1b5ede752a1578.exe.exe windows:4 windows x64 arch:x64
e4a8172b80d7ea86eeba3123e2be5bfe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
GetLastError
CreateMutexA
LoadLibraryA
user32
MessageBoxA
wsprintfA
Sections
.data Size: - Virtual size: 12.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ex_cod Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ