C:\bewizedemimesate-sumipazipuyusawusi.pdb
Static task
static1
Behavioral task
behavioral1
Sample
398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701.exe
Resource
win10v2004-20240802-en
General
Target: 398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701
Size: 285KB
MD5: 579490a130cb54ce7bc1db31e73286fb
SHA1: fc89cf89461fc7fb5a73060058588d71bf29fb34
SHA256: 398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701
SHA512: 7e2b97f3eddbc31f0786cf7411a4d2d90a7df2c7dece487b325e55e3f385effc4729fe23318a5ced8d123f82e0dc772b98b062b1629f8a71e480111068386886
SSDEEP: 6144:4bwZSj6j6lNJ5tw3URj2A8GVDGbww5aOHZA7lSV61EOb7:MGSj6rGVDMkOHe7tN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701
Files
398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701.exe windows:5 windows x86 arch:x86
f3e5faf51b638d7d0819f74bde8829d8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
ExitProcess
LocalUnlock
SetFilePointer
lstrlenA
TlsGetValue
SetLocalTime
BuildCommDCBAndTimeoutsA
FreeLibrary
LoadResource
SetWaitableTimer
ZombifyActCtx
GlobalSize
SetEnvironmentVariableW
CreateJobObjectW
HeapFree
SetVolumeMountPointW
ConnectNamedPipe
CallNamedPipeW
GetProcessPriorityBoost
CreateNamedPipeW
VirtualFree
IsBadReadPtr
WriteFile
EnumTimeFormatsW
GetCommandLineA
TzSpecificLocalTimeToSystemTime
GlobalAlloc
GetConsoleMode
TerminateThread
GetPrivateProfileStructW
DeleteVolumeMountPointW
GetFileAttributesA
SetConsoleCursorPosition
SetTimeZoneInformation
SetSystemPowerState
GetConsoleFontSize
GetBinaryTypeW
GetOverlappedResult
GetACP
RaiseException
GetHandleInformation
GetLastError
GetCurrentDirectoryW
LocalLock
SetComputerNameA
EnterCriticalSection
LoadLibraryA
OpenMutexA
LocalAlloc
MoveFileA
BuildCommDCBAndTimeoutsW
GetCommMask
WaitForMultipleObjects
SetSystemTime
GetDefaultCommConfigA
GlobalUnWire
LoadLibraryExA
DebugBreakProcess
CreateMutexA
VirtualProtect
ScrollConsoleScreenBufferA
GetSystemTime
GetProfileSectionW
GetVolumeInformationW
lstrcpyA
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
DeleteFileA
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
HeapValidate
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
SetStdHandle
WideCharToMultiByte
GetConsoleCP
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
GetModuleFileNameA
FlushFileBuffers
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
CreateFileA
CloseHandle
GetModuleHandleA
user32
GetAncestor
GetWindowInfo
Sections
.text Size: 158KB - Virtual size: 158KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ