Static task
static1
Behavioral task
behavioral1
Sample
Trojan.Sysbot.ATA_virussign.com_7bf505a0ab40d8c0a92253b677ec4d19.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Trojan.Sysbot.ATA_virussign.com_7bf505a0ab40d8c0a92253b677ec4d19.exe
Resource
win10v2004-20240802-en
General
-
Target
Trojan.Sysbot.ATA_virussign.com_7bf505a0ab40d8c0a92253b677ec4d19.exe
-
Size
52KB
-
MD5
7bf505a0ab40d8c0a92253b677ec4d19
-
SHA1
cd037a54256da3d8adee9fc96a2446c78f6566fd
-
SHA256
0dfe988c6f05e211be0be3eaee73777b5d182405bb3b0188cae707300790487b
-
SHA512
634e085edf09e2553e118c49f535f6aff1a3a04474cead91b526fe82b44523b310dbd11c815cc1a0caaaa96ecab81e8991a4e84ebc5ae491c80db62013fead34
-
SSDEEP
768:d+ciLamXW9XgMxjFkpvMVX8q18q13yO1oj5n/wBDkfw:IzaEW5gMxZVXf8a3yO1opwBz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Trojan.Sysbot.ATA_virussign.com_7bf505a0ab40d8c0a92253b677ec4d19.exe
Files
-
Trojan.Sysbot.ATA_virussign.com_7bf505a0ab40d8c0a92253b677ec4d19.exe.exe windows:4 windows x86 arch:x86
871f566131c40f544851d687e3ef38f8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA
user32
MessageBoxA
Sections
Size: - Virtual size: 96KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SoftComp Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE