Static task
static1
Behavioral task
behavioral1
Sample
38172fcdc643bae90242cb05407efc00N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
38172fcdc643bae90242cb05407efc00N.exe
Resource
win10v2004-20240709-en
General
-
Target
38172fcdc643bae90242cb05407efc00N.exe
-
Size
21KB
-
MD5
38172fcdc643bae90242cb05407efc00
-
SHA1
394f2c4a9de91d6522a027bfe9338ed5f90b33bb
-
SHA256
ea5f3e93618dffe2195fbfbc243662a757e42e92037f84a106fe1f3d4cac8ca9
-
SHA512
83de6a6b7c29a57134d5bede5ee41ba46d524ec4da8a3dd7ca98ac9f921e51170e8e98680038e970e8267b6575487481c05f7ba1166434cfe6603576a894eb9e
-
SSDEEP
384:E5lomq/yPGL/WLDLqM4HD/H6yC6I6LkASz+nPZROlr5YFns4y55+MFHmnCrx:E56mq/yPGLWLfKjCyBQNz+nRRmtYFx0p
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 38172fcdc643bae90242cb05407efc00N.exe
Files
-
38172fcdc643bae90242cb05407efc00N.exe.exe windows:4 windows x86 arch:x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.rdata Size: 16KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE