Static task
static1
Behavioral task
behavioral1
Sample
5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893.exe
Resource
win10v2004-20240802-en
General
-
Target
5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893
-
Size
1.6MB
-
MD5
47fba6325c6c368d956be7ccafb06c9a
-
SHA1
30cbf652787ca93fff2da7032c35218842cc0cf8
-
SHA256
5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893
-
SHA512
9076daf8dfb326c43ca667e8b9529171da4f1e62ef6592ced40571041e864ce41e3c97e361c0e0e72574fd401c97bab13b0c0053f70ce9ea52139adf86ff4c29
-
SSDEEP
49152:twdhgYXFDNKU/20ALN+ZrYdA4xG+h94eG/:HuNV20oNGj4xGfe6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893
Files
-
5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
qlfH Size: - Virtual size: 3.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
XCCM Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE