Static task
static1
Behavioral task
behavioral1
Sample
629b731cca4617292d6afd6b0ee9665d4b7ea82caaf3d06cf3d86f6b8e0168ed.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
629b731cca4617292d6afd6b0ee9665d4b7ea82caaf3d06cf3d86f6b8e0168ed.exe
Resource
win10v2004-20240802-en
General
-
Target
629b731cca4617292d6afd6b0ee9665d4b7ea82caaf3d06cf3d86f6b8e0168ed
-
Size
9.5MB
-
MD5
377d0ad02beaa2782c011d5fad054e21
-
SHA1
445bef2fa4003cc6b9fafc6156dac6d7544d7e1d
-
SHA256
629b731cca4617292d6afd6b0ee9665d4b7ea82caaf3d06cf3d86f6b8e0168ed
-
SHA512
ed3e33b1b01d401ae6925efb3ecce4f256d1558db13d73cd7e6957f3bcda9833aae2ffc2d884398f72bbd3bfacd06bff1b6161d0d38fb05d99ccaf8fba0fdf4d
-
SSDEEP
98304:EmrPlMsxXe+9AavUZ/6E/VwfazD4EMexO1URqcLzeuYonv8NFTBN:dDesR99ATRHwyYqOAc2kHTBN
Malware Config
Signatures
-
Unsigned PE 1 IoCs
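Flags that the PE file has no Authenticode signature, so its publisher and integrity cannot be verified from a signature. Many benign programs are also unsigned, so this is a weak indicator on its own.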
resource 629b731cca4617292d6afd6b0ee9665d4b7ea82caaf3d06cf3d86f6b8e0168ed
Files
-
629b731cca4617292d6afd6b0ee9665d4b7ea82caaf3d06cf3d86f6b8e0168ed.exe windows:5 windows x86 arch:x86
c01e83fe95106a3e2217dbd8c278dcb2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
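Imports
Note: apart from kernel32, each library is listed with a single function. Together with LoadLibraryA and GetProcAddress, this is consistent with imports being resolved at run time, so the list may understate the APIs the sample actually uses.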
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
oleaut32
SysFreeString
advapi32
RegQueryValueExA
user32
GetKeyboardType
gdi32
UnrealizeObject
version
VerQueryValueW
mpr
WNetGetConnectionA
ole32
CreateStreamOnHGlobal
comctl32
_TrackMouseEvent
shell32
ShellExecuteA
comdlg32
GetOpenFileNameA
wsock32
WSACleanup
gdiplus
GdipSetStringFormatLineAlign
logintooldll
ord17
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
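Sections
Note: .text and the first .s section are marked both writable and executable (IMAGE_SCN_MEM_WRITE together with IMAGE_SCN_MEM_EXECUTE), and two sections share the name .s. This layout is commonly seen in packed or protected binaries, so the static view may be incomplete.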
.text Size: 8.8MB - Virtual size: 8.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.s Size: 760KB - Virtual size: 760KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.s Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ