Static task
static1
Behavioral task
behavioral1
Sample
c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f.exe
Resource
win10v2004-20240802-en
General
-
Target
c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f
-
Size
17KB
-
MD5
1f7900f5c8d104873b6e816eeaca69ee
-
SHA1
e8130b50b5e94ffbbdd9bb3cf1bb2b476078cf0c
-
SHA256
c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f
-
SHA512
1320c46b7433f009744a0e1a7c266f0138b29e63c7e765f5930c302350aece80c81951986dbd088d9f6519bbd12632e13b46da13135333714dd4dbce443158a3
-
SSDEEP
384:iNgyUHgXLKEtcfompCGM3vawf6s8ue3ZddJbq907vvxlLMM:iNuA7KQcAmEdfawJ8zJddJWG7DMM
Malware Config
Signatures
-
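Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the check matched the resource listed below. An unsigned PE cannot be tied to a publisher, but on its own this is a weak indicator.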
resource c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f
Files
-
c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f.exe windows:4 windows x86 arch:x86
ab907024972dd3f31937818d025e51f6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
advapi32
FreeSid
msvcrt
time
shell32
IsUserAnAdmin
user32
EndPaint
wininet
InternetOpenA
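Sections
Note: .MPRESS1 and .MPRESS2 are the default section names written by the MPRESS packer. Both sections are readable, writable and executable, and .MPRESS1 grows from 13KB on disk to 41KB in memory. The import list above (one function per DLL) therefore most likely belongs to the unpacking stub rather than the payload, so static import and string analysis should be repeated on an unpacked image.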
.MPRESS1 Size: 13KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE