Static task
static1
Behavioral task
behavioral1
Sample: f5d291799fa4b9a06d0a9ce3659e5a23d2af9a0078c41e647a39c717cc8a02a4.exe
Resource: win10v2004-20240802-en
General
Target: f5d291799fa4b9a06d0a9ce3659e5a23d2af9a0078c41e647a39c717cc8a02a4
Size: 1.8MB
MD5: f557954b5982d5d5e5790159b77a006b
SHA1: bb1e26bd6f6c8c692e55e8af0a7bc55dc4cc8a40
SHA256: f5d291799fa4b9a06d0a9ce3659e5a23d2af9a0078c41e647a39c717cc8a02a4
SHA512: 62d4bddb6cd0de21f343cb8c1a74fb2d782e42d2bea64e4b3f71ee5f669dc1bea9333d0c754b6d68a3bf6475a7d407bd4e57534cae9302f06adb3a87b9641a0f
SSDEEP: 24576:M++7/TMrfIg/NbRR9kPROMDAqPyOOa4Zlq5PJJzAoh63c2ig8UwwQyGFL4/u0IDB:M1E7bT9AOMFyk4Zch6s2iEww9GFMMd3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource f5d291799fa4b9a06d0a9ce3659e5a23d2af9a0078c41e647a39c717cc8a02a4
Files
f5d291799fa4b9a06d0a9ce3659e5a23d2af9a0078c41e647a39c717cc8a02a4.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vfkwlzmf Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xqzqkkpf Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE