Static task
static1
Behavioral task
behavioral1
Sample
2f16516288002c198a92b20a4c229a20N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
2f16516288002c198a92b20a4c229a20N.exe
Resource
win10v2004-20240802-en
General
-
Target
2f16516288002c198a92b20a4c229a20N.exe
-
Size
64KB
-
MD5
2f16516288002c198a92b20a4c229a20
-
SHA1
e7d90b311e6c6687bc08dd323e9d0cf23cd82682
-
SHA256
e1658e874aeb6737305de37202e0f0e19aa20f078a03a90882b2a87baa8ed06f
-
SHA512
80a50ab126e09553cfb847b2024649b067621ed8449f31ad5da6185190c6625b7084730691bae695ecb9acfc6861004d1a258c23ab5795d7f7c74068fca9f59f
-
SSDEEP
1536:IM9utJJggUzFsRq6DAD8GXN+I7fJ+aCl1feW:IhggUqI1zoI7h+aS1GW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2f16516288002c198a92b20a4c229a20N.exe
Files
-
2f16516288002c198a92b20a4c229a20N.exe.exe windows:4 windows x86 arch:x86
ef7249b8e62aa4a3300345db31ce5b89
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
memmove
fclose
__p___argv
__p___argc
calloc
rewind
fgets
malloc
_CIpow
exit
_strtime
_strdate
_tzset
fopen
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_fcloseall
sprintf
free
fscanf
_exit
fprintf
mfc42
ord3337
ord551
kernel32
GetModuleHandleA
GetStartupInfoA
Sections
.text Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 894B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE