Static task
static1
Behavioral task
behavioral1
Sample
e0cf6000d021226014df4f63ccdb44917dc90eedb4b4e62f6c320067c446ef7c.exe
Resource
win10v2004-20240709-en
General
-
Target
e0cf6000d021226014df4f63ccdb44917dc90eedb4b4e62f6c320067c446ef7c
-
Size
1.8MB
-
MD5
fb26e404f23d62125f6a4c9a0a62c9e6
-
SHA1
43d1f2fbb5f8fb0fbd8461741c93446cb08d51e3
-
SHA256
e0cf6000d021226014df4f63ccdb44917dc90eedb4b4e62f6c320067c446ef7c
-
SHA512
82c79a30623096e0044a58da9628e59c2a98cadb09c50f60302e04d47a7dabfc64b57efeca2e4c9213568da324d29f15fc38b268ff4b330101d93d0de2ec3bf1
-
SSDEEP
49152:J0AWYmat25fnyPgzTmC/nQ6aZeCzSdKLNcfn7fYX:JVD+5fny4zaR6yj+DfYX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource e0cf6000d021226014df4f63ccdb44917dc90eedb4b4e62f6c320067c446ef7c
Files
-
e0cf6000d021226014df4f63ccdb44917dc90eedb4b4e62f6c320067c446ef7c.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
yrhdzuxh Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qkztpvwe Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE