Static task
static1
General
Target: was-called.Task Manager.exe.fuckoff
Size: 433KB
MD5: 65a38b3f659b5d0d8d9517af64963232
SHA1: b2c8fee980c9e337f8319e703f6835db267ba10d
SHA256: f184639093ad944e0a3e37aff7808b4ab86274317881946f5e4bef368a956516
SHA512: b229159768d2420231782d6b30d1b6d2268004e4fda279256f8ed98b1c0ea90bd71c7265eeba5eda634cb37bcf83ef565b850ab1b21af94f09cd70a113b81bdb
SSDEEP: 12288:6mz1gfF0Jr/swZo/cDe79bqW2OLcqYMX5Egd:zSsD8uW2OeMX5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource was-called.Task Manager.exe.fuckoff
Files
was-called.Task Manager.exe.fuckoff.exe windows:6 windows x86 arch:x86
b175eca75804863b15585c791f528962
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAIoctl
ntohl
socket
inet_pton
getaddrinfo
WSAStartup
htonl
inet_ntop
htons
freeaddrinfo
getsockopt
ioctlsocket
accept
getpeername
getsockname
connect
recvfrom
recv
sendto
WSAGetLastError
bind
closesocket
listen
send
ntohs
bcrypt
BCryptGenRandom
kernel32
IsDebuggerPresent
SetEndOfFile
WriteConsoleW
HeapSize
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
GetProcessHeap
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFileSizeEx
DeleteFileW
FlushFileBuffers
SetFilePointerEx
SetStdHandle
HeapReAlloc
Sleep
GetModuleFileNameA
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetCurrentThreadId
DeleteCriticalSection
GetCurrentProcessId
GetLocalTime
QueryPerformanceFrequency
QueryPerformanceCounter
FormatMessageA
FindClose
FindNextFileW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetSystemTimeAsFileTime
InitializeSRWLock
InitOnceExecuteOnce
SetLastError
GetHandleInformation
GetTickCount64
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CloseHandle
ReleaseSRWLockShared
GetQueuedCompletionStatusEx
GetProcAddress
AcquireSRWLockShared
GetModuleHandleW
CreateIoCompletionPort
SetFileCompletionNotificationModes
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
DecodePointer
GetStartupInfoW
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
RaiseException
GetCommandLineA
GetCommandLineW
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
CreateFileW
GetFileType
ReadFile
GetStdHandle
WriteFile
GetModuleFileNameW
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
Sections
.text Size: 259KB - Virtual size: 258KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.unique_ Size: 512B - Virtual size: 31B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 114KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ