Static task
static1
Behavioral task
behavioral1
Sample
Trump Public.exe
Resource
win10-20240404-en
General
-
Target
Trump Public.exe
-
Size
4.3MB
-
MD5
90615f6c0fac1f5f096143801be4d602
-
SHA1
c72d3a62303823bb13fe0ea688f9dfafdd5e7e2e
-
SHA256
4406e74e88fa78817bfe90eebb5ae5f924927c143f46e61e84267d31bb236dd4
-
SHA512
bc9e34ffe071a52ce1092790775bafc169e53afa0d8cfaa9cba4f919c907de52ec2cf19d6532357bf6f51bbc6fa46ca7cd7f9cc2f7a937089da383349669a997
-
SSDEEP
98304:e2MCKqFoI7XPtl3ltL7CB88U0ZlkIEGI5p/KJQCx:e+TaIDn3ltL7CSj0OGI5p/m
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Trump Public.exe
Files
-
Trump Public.exe.exe windows:6 windows x64 arch:x64
7a5bd1886dd64f74ed4e0c7f6589fdc9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
msvcp140
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
advapi32
CryptDestroyHash
normaliz
IdnToAscii
wldap32
ord27
crypt32
CertCreateCertificateChainEngine
ws2_32
WSAGetLastError
kernel32
HeapDestroy
user32
MessageBoxA
shell32
ShellExecuteA
rpcrt4
RpcStringFreeA
psapi
GetModuleInformation
userenv
UnloadUserProfile
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_exception_destroy
api-ms-win-crt-runtime-l1-1-0
_register_thread_local_exe_atexit_callback
api-ms-win-crt-stdio-l1-1-0
fflush
api-ms-win-crt-heap-l1-1-0
malloc
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-convert-l1-1-0
atoi
api-ms-win-crt-filesystem-l1-1-0
_stat64
api-ms-win-crt-time-l1-1-0
_time64
api-ms-win-crt-locale-l1-1-0
localeconv
api-ms-win-crt-string-l1-1-0
_strdup
api-ms-win-crt-utility-l1-1-0
qsort
Sections
.text Size: - Virtual size: 442KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.$Xh Size: - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.i00 Size: 512B - Virtual size: 440B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.8l8 Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ