Static task
static1
General
-
Target
EruptionImminent.exe
-
Size
125KB
-
MD5
afd8715ac3b4918709d924e6c51affd8
-
SHA1
19800f391273fcab92c02dd598465a3c8ec1b003
-
SHA256
a2b33ee0c34f1eb4ca6a6367a8b328a3bd777c00859da904e8b5c411a298e42d
-
SHA512
c15e7e406575e9b8ce1f0141c791165e432aa5d10359bb00f579baa3c2f9590946dc51df7a76576c19b51321e8cc28631c1f3a074e0df9be08555bb463e3e5d2
-
SSDEEP
3072:xKh2qY++77DMZtouHmnbQ+GLPNmp+r/OEJCusG/9nr/F:AgJ77DMXoap5LPgp+r/O6CsVnr/
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource EruptionImminent.exe
Files
-
EruptionImminent.exe.exe windows:4 windows x64 arch:x64
8aca5cbb0f0601373f8e0beb9a1da938
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
DeleteCriticalSection
EnterCriticalSection
GetLastError
GetProcAddress
GetStartupInfoW
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
SetDllDirectoryW
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
free
malloc
api-ms-win-crt-locale-l1-1-0
__initialize_lconv_for_unsigned_char
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-private-l1-1-0
__C_specific_handler
memcpy
api-ms-win-crt-runtime-l1-1-0
_set_app_type
__p___argc
__p___argv
__p___wargv
__p__wcmdln
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_invalid_parameter_handler
abort
exit
signal
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vswprintf
fwrite
api-ms-win-crt-string-l1-1-0
strlen
strncmp
wcslen
_wcsdup
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_tzset
user32
MessageBoxW
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 1024B - Virtual size: 624B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 416B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE