Static task
static1
Behavioral task
behavioral1
Sample
587e86e6ca49e27558b086d23708a5a506c3472314ceb0f3156184a4f9a4745d.exe
Resource
win7-20240903-en
General
-
Target
587e86e6ca49e27558b086d23708a5a506c3472314ceb0f3156184a4f9a4745d.exe
-
Size
1.8MB
-
MD5
f150c6a1804e541fd06c07175b423b7c
-
SHA1
65fe457d482ba93e86994be0151fae82b6a6f119
-
SHA256
587e86e6ca49e27558b086d23708a5a506c3472314ceb0f3156184a4f9a4745d
-
SHA512
55161d4ded79edd48dce9d19075acddea39cc6efc11a4dd78852b76e021ca3f21f1e5bde76650f55b96d049e645969080df5805c1c4dfb04acc9ee2782a345ca
-
SSDEEP
49152:mW8aTqphAQJ85JlVy0ckknx5qJAjcwccS3pplnwr:Z8Cqp2QJ0cTn7qJAYVcEA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 587e86e6ca49e27558b086d23708a5a506c3472314ceb0f3156184a4f9a4745d.exe
Files
-
587e86e6ca49e27558b086d23708a5a506c3472314ceb0f3156184a4f9a4745d.exe.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
oslsnbaf Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jlqxtyqj Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE