Static task
static1
Behavioral task
behavioral1
Sample
6ea68397c9ada660d60cd92137460f9ec823d57374a5ea490b834362d1641227.exe
Resource
win10v2004-20240730-en
Behavioral task
behavioral2
Sample
6ea68397c9ada660d60cd92137460f9ec823d57374a5ea490b834362d1641227.exe
Resource
win11-20240730-en
General
-
Target
6ea68397c9ada660d60cd92137460f9ec823d57374a5ea490b834362d1641227
-
Size
1.8MB
-
MD5
248d72640b5697bedb167b6922f7d9ec
-
SHA1
232be32e0792a7308654b29f2001b4ece7c2dcbc
-
SHA256
6ea68397c9ada660d60cd92137460f9ec823d57374a5ea490b834362d1641227
-
SHA512
002d4f34ac151a89a9e778ca2f80d69572af44ff8c936ca8c2b383706d07598729b1908ed5f49921dd9fca9c4f920d5c2660cb8da2ad0514097dc7ad6291d571
-
SSDEEP
49152:q+VoJlBFDG7ZyGvyxknkupHSpAdh+vTLIyyu9:q+YlBE7cjikCQe+vTLtyY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 6ea68397c9ada660d60cd92137460f9ec823d57374a5ea490b834362d1641227
Files
-
6ea68397c9ada660d60cd92137460f9ec823d57374a5ea490b834362d1641227.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ugnkfadg Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ghytficf Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE