Static task
static1
Behavioral task
behavioral1
Sample
be78f72a1d60ea77948a7f42855ef3c0N.exe
Resource
win7-20240903-en
General
-
Target
be78f72a1d60ea77948a7f42855ef3c0N.exe
-
Size
1.8MB
-
MD5
be78f72a1d60ea77948a7f42855ef3c0
-
SHA1
549f7c062fdc74ec8d7a544fd66c69fa8769171c
-
SHA256
0b5f4f1dbf0a3a1793f41bfb16c533bcc7cc656772b4cadd77a3e04f6e312325
-
SHA512
cbbba53b749d189facb32f853b73fb3d63eb6edc6e7aa31f16feaef75859bf48b059cd72bed6704696b657452c04d88a448153027a0a8471ce83ed8a2d397da1
-
SSDEEP
24576:PzJM9zdzVE0jYFcjMG3QkCTi8MTkyDo1cqfNs7yzW2PrsM9V7FD5rLVCCYT:P6zdBJscjMeQY8MTFDotfKNc5N53K
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource be78f72a1d60ea77948a7f42855ef3c0N.exe
Files
-
be78f72a1d60ea77948a7f42855ef3c0N.exe.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ogqrsfdh Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wmegwqpb Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE