Static task
static1
Behavioral task
behavioral1
Sample
ef68b19e6817f5e4a8a3f03340897eae4beb052f9bb86aa6d12e02d377ce81a1.exe
Resource
win10v2004-20240802-en
General
-
Target
ef68b19e6817f5e4a8a3f03340897eae4beb052f9bb86aa6d12e02d377ce81a1
-
Size
1.8MB
-
MD5
1962f71690a83ac73d4ba1e5942b23fc
-
SHA1
f25ad0c8cadfe47042e57383f2999f2a30d69b6c
-
SHA256
ef68b19e6817f5e4a8a3f03340897eae4beb052f9bb86aa6d12e02d377ce81a1
-
SHA512
38d0a973729ff5226fbfaca13095eec03ea394e8810fd426c43ab10a63b3e15264cdcca3ea91f77778abaf42fb4ffa082320353ad9f4ffb4bdaa2acba4bf48c7
-
SSDEEP
49152:n6YVeiOl2vNU6BY0p0hQU26q5K7DJ6zoSDvp3EOQMYqujXXof:n6/iQ4Y0OI5K7DJ6zVlEkuTo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
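Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many benign executables are also unsigned; it means the file's publisher and integrity cannot be verified from the file itself.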
Processes:
resource ef68b19e6817f5e4a8a3f03340897eae4beb052f9bb86aa6d12e02d377ce81a1
Files
-
ef68b19e6817f5e4a8a3f03340897eae4beb052f9bb86aa6d12e02d377ce81a1.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
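Sections
Five of the sections listed below are mapped both writable and executable, and the import table above names a single function (kernel32!lstrcpy). This layout is typical of a packed or protected executable, so the static view here likely does not reflect the code that actually runs.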
(no section name shown) Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
(no section name shown) Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
zelelbyu Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
kdusbzqb Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE