Static task
static1
Behavioral task
behavioral1
Sample
15b8f708189f176ba7fd0ba8150bbd06d44d17fc2baf6c3137c4b4113a42a983.exe
Resource
win10v2004-20240802-en
General
-
Target
15b8f708189f176ba7fd0ba8150bbd06d44d17fc2baf6c3137c4b4113a42a983
-
Size
1.9MB
-
MD5
d37b9c7530ad72b0513c761093e8f760
-
SHA1
24e645aaa27325bb6fa8e029644a9bbfcaeee447
-
SHA256
15b8f708189f176ba7fd0ba8150bbd06d44d17fc2baf6c3137c4b4113a42a983
-
SHA512
520884af155c6787ca5de4079b441c5792ad75c938b28efab224296ed825bdbfd950e267c0c6f7606cfcb5a7eed5e5027398ec09425518fe753f4fa92108ad4d
-
SSDEEP
49152:6rAe/Rk4P/VXFmZPZlvdvmAYpJiiycBa+BSptT6aG:6rAe/REZPvdvjG9ycBX1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 15b8f708189f176ba7fd0ba8150bbd06d44d17fc2baf6c3137c4b4113a42a983
Files
-
15b8f708189f176ba7fd0ba8150bbd06d44d17fc2baf6c3137c4b4113a42a983.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
rmvtkwki Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vnntlqzo Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE