Static task: static1
Behavioral task: behavioral1
Sample: 0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee.exe
Resource: win10v2004-20240802-en
General
Target: 0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee
Size: 4.3MB
MD5: 9acaab883fea1da9e4fcbebeb389040f
SHA1: 9cad9033d75a92cc2e063111ad526768f697019f
SHA256: 0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee
SHA512: e000ba298721c8e9f838420fd2f76aba1b00b161edbc2e14585795fc83364ba21f04ea8e3d38dca43450f86116e537bdb58b4385d606feed6a2f60975b467c54
SSDEEP: 98304:LF0XEk/vJPeSBHoIXBhycV9lUX+qcJxzrWLtJTmePv3HOc5WVWnP84kMNmS:LEEy82oIXhEX/qOLqe3SWnZkMX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee
Files
0b2504f7d7e5cc64f5655ee25530185702108970356e2e88090a6df72004b4ee.exe windows:4 windows x86 arch:x86
0ad098e4807773be743e209166ff46f0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
GetModuleFileNameA
GetFileSize
CreateFileA
GetTickCount
GetEnvironmentVariableA
DeleteFileA
MoveFileA
WriteFile
GetStdHandle
ReadConsoleA
GetVersionExA
FreeLibrary
LoadLibraryA
LCMapStringA
GetProcessHeap
SetConsoleMode
ReadConsoleInputA
FlushFileBuffers
SetStdHandle
LCMapStringW
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
Sleep
GetExitCodeProcess
ReadFile
PeekNamedPipe
CloseHandle
CreateProcessW
CreatePipe
MultiByteToWideChar
lstrcpyn
GetProcAddress
IsBadReadPtr
GetModuleHandleA
GlobalSize
GetConsoleMode
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetCPInfo
GetACP
GetOEMCP
SetUnhandledExceptionFilter
IsBadCodePtr
user32
PeekMessageA
CreateDialogIndirectParamA
UpdateWindow
GetMessageA
SendMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
PostQuitMessage
SetWindowTextA
GetDlgItem
ShowWindow
SetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
wsprintfA
MessageBoxA
CallWindowProcA
WaitForInputIdle
advapi32
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegCreateKeyA
Sections
.text Size: 88KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4.2MB - Virtual size: 4.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE