Static task
static1
Behavioral task
behavioral1
Sample
41162da3948ffe1694ceb56784e604e33984a91f279bee03a69bcc0384f35b32.exe
Resource
win7-20240903-en
General
-
Target
41162da3948ffe1694ceb56784e604e33984a91f279bee03a69bcc0384f35b32
-
Size
15.0MB
-
MD5
45a062b0e7f44b001dcadeb87553ee11
-
SHA1
e8fa7411615016d58674c5632c21b23c9f83e385
-
SHA256
41162da3948ffe1694ceb56784e604e33984a91f279bee03a69bcc0384f35b32
-
SHA512
67c8c011e4988d7a0d1857c37424eb32632c0c1a286a78e133e32d064a3448ea524421ff94db903b809d86624ee9f71e0e89d1c8d63526ffead9abef02c7c54f
-
SSDEEP
393216:w8VfBBQSd8NCq2k+mf1Ts011m2Sc7kU69JWa7/:w2bHdHIbf5s6NlD69Jv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
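Flags PE files that lack an Authenticode signature. Without a signature, the publisher and integrity of the file cannot be verified from the file itself; on its own this is a weak indicator, since many benign programs are also unsigned.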
resource 41162da3948ffe1694ceb56784e604e33984a91f279bee03a69bcc0384f35b32
Files
-
41162da3948ffe1694ceb56784e604e33984a91f279bee03a69bcc0384f35b32.exe windows:4 windows x86 arch:x86
f5610612c84ff391453dc69ca94579a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
rasapi32
RasHangUpA
winmm
waveOutReset
ws2_32
htons
user32
GetClassNameA
gdi32
LineTo
winspool.drv
DocumentPropertiesA
comdlg32
ChooseColorA
advapi32
RegOpenKeyExA
shell32
SHGetSpecialFolderPathA
ole32
CoGetClassObject
oleaut32
SafeArrayAccessData
comctl32
ImageList_GetIcon
oledlg
ord8
wininet
InternetCanonicalizeUrlA
Sections
.text Size: 15.0MB - Virtual size: 39.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE