Static task
static1
Behavioral task
behavioral1
Sample
259930c22bc3c592893b6604fdde6233a1650ce131737a70ab6c66c69a8305cd.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
259930c22bc3c592893b6604fdde6233a1650ce131737a70ab6c66c69a8305cd.exe
Resource
win10-20240611-en
General
-
Target
259930c22bc3c592893b6604fdde6233a1650ce131737a70ab6c66c69a8305cd
-
Size
1.8MB
-
MD5
b2f0d9cde6cd1f83091b9f2a6875e6a9
-
SHA1
a7bb83cc3f9edc38751ba908d3e0bf393dcfdfc6
-
SHA256
259930c22bc3c592893b6604fdde6233a1650ce131737a70ab6c66c69a8305cd
-
SHA512
51bae1077f202a997dbb78e3ece8cf14737362aaeb0e263917a0ba44cfb89cee3b2532c2e5db88151e07c2c8f644be5a4fc3cffb4c6a7f202ee58812afae5de6
-
SSDEEP
49152:38+S7Y13iG6Fl9z0+S92ONgoknqqFwY0OiMl+SkIxsNo:M5zplR0njNZviwYZjl+Yu
Malware Config
Signatures
-
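Unsigned PE 1 IoCs
Checks for missing Authenticode signature. The sample carries no Authenticode signature. Many legitimate programs are unsigned too, so this is a weak indicator on its own and should be weighed together with the header and section details listed under Files.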
Processes:
resource 259930c22bc3c592893b6604fdde6233a1650ce131737a70ab6c66c69a8305cd
Files
-
259930c22bc3c592893b6604fdde6233a1650ce131737a70ab6c66c69a8305cd.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
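Sections
Note: five of the seven sections listed here are writable and executable at the same time, two are shown without a name, and one occupies 512B on disk but 2.7MB in memory. Together with the single-function import table and the .taggant section, this layout is typical of a packed or protected executable, so the static imports and strings likely understate what the code does once it is unpacked in memory.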
(no section name shown) Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
(no section name shown) Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ymoidgxn Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xmsnetbd Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE