Static task
static1
Behavioral task
behavioral1
Sample
98d6c2bc40304ad10035107b40eda16a0c579adea30b8f0dd6fdf7b6c65d68f1.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
98d6c2bc40304ad10035107b40eda16a0c579adea30b8f0dd6fdf7b6c65d68f1.exe
Resource
win10v2004-20240802-en
General
Target: 98d6c2bc40304ad10035107b40eda16a0c579adea30b8f0dd6fdf7b6c65d68f1
Size: 2.4MB
MD5: 0bbd09f1d3442b40e60fab8e7ff31b01
SHA1: 389990f2f49874a802882627eae5fccb941951f2
SHA256: 98d6c2bc40304ad10035107b40eda16a0c579adea30b8f0dd6fdf7b6c65d68f1
SHA512: 7fd8fe38acd00d134a3652a3133f7ea10aeba95b20e8eabbc3dc666d7cf2e88c77349871fa41e57fae38d918d37b5b73e60200c1ac19faa9f9fbfe1e67b8e4b8
SSDEEP: 49152:pD0iMG1TvFJ6w5tgtQwbkhxKKSOrq4kOskg586PQLq1z:JDFbJ55QQwbAtSOrDfskg9POq1z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 98d6c2bc40304ad10035107b40eda16a0c579adea30b8f0dd6fdf7b6c65d68f1
Files
98d6c2bc40304ad10035107b40eda16a0c579adea30b8f0dd6fdf7b6c65d68f1.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Exports
Sections
Size: 32KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 204KB - Virtual size: 7.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE