Static task
static1
Behavioral task
behavioral1
Sample
698a0304cb5a76f8f327ce6cca0bb830N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
698a0304cb5a76f8f327ce6cca0bb830N.exe
Resource
win10v2004-20240802-en
General
-
Target
698a0304cb5a76f8f327ce6cca0bb830N.exe
-
Size
150KB
-
MD5
698a0304cb5a76f8f327ce6cca0bb830
-
SHA1
6f5d6a1322e99ae37971aad22484f5706ac7782e
-
SHA256
b552e8911f700b37f9a3ab2e149e8fe5dbede109ff87d9b2a9d8171723118bf9
-
SHA512
3b9125fb06b07b12da2dd4486e7aa16512b46018f5f5e3020ad8c6d67b028fe89475382ed55f8b8619c65a747599ffa7cb0792a6dd638777b5f1440433f9be6c
-
SSDEEP
3072:3IKHK3+vLoEO+Juo4MlmcoFmv2I2gSZkr2UW3Gb/qZ49hhqLaQsidoG:4moUwcojpZkdW3p4gPd
Malware Config
Signatures
-
Unsigned PE 1 IoCs
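Static check by the analysis platform: the file carries no Authenticode signature. An unsigned PE is a weak indicator on its own and is not by itself evidence of malicious behavior.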
resource 698a0304cb5a76f8f327ce6cca0bb830N.exe
Files
-
698a0304cb5a76f8f327ce6cca0bb830N.exe.exe windows:5 windows x86 arch:x86
27dace71921d8be0ec8206fec12ab446
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
GetConsoleTitleA
SetLastError
WriteFile
GetStdHandle
AllocConsole
TerminateProcess
GetCurrentProcess
GetProcAddress
LoadLibraryA
FreeLibrary
FindClose
FindFirstFileA
GetFileAttributesA
GetEnvironmentVariableA
FindNextFileA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId
user32
SendMessageA
MessageBoxA
FindWindowA
msvcr90
isupper
_mbsupr
islower
isspace
isdigit
strcspn
strspn
malloc
free
memcpy
fopen
fclose
fread
fseek
fgets
fgetc
longjmp
strchr
sprintf
strrchr
memmove
_getdcwd
_getdrive
getenv
exit
vsprintf
vfprintf
isprint
fputc
_setjmp3
_stat32
strncpy
bsearch
tolower
isalpha
memset
atoi
_getcwd
fflush
sscanf
realloc
calloc
_errno
toupper
rewind
fwrite
_rmdir
strtod
_snprintf
_mktemp
isalnum
_mkdir
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
printf
__iob_func
fprintf
getc
strncmp
ungetc
_stricmp
_strdup
_unlink
__timezone
_ecvt
Sections
.text Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 69KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE