Static task: static1
Behavioral task: behavioral1
Sample: cae15eb4334c0d36ed9152d852766f970df9a0159895050742ca1036d54b0c37.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: cae15eb4334c0d36ed9152d852766f970df9a0159895050742ca1036d54b0c37.exe
Resource: win10v2004-20240802-en
General
Target: cae15eb4334c0d36ed9152d852766f970df9a0159895050742ca1036d54b0c37.exe
Size: 224KB
MD5: 08e3912bd337bff072bd1346ddc39f3a
SHA1: 4968a92e8d90c576ea9bed482b5d36de2254e0e1
SHA256: cae15eb4334c0d36ed9152d852766f970df9a0159895050742ca1036d54b0c37
SHA512: 68abb38096e0abe9896c7215bcc2dacfe4bb06c7b61fc905e2bd6a7575ac4bb61f56f1ca154f7187d6f6129633e81cd2dc4e28054987889f5c5d36367084fde2
SSDEEP: 3072:yxLlt/h9UgZelpkNYTbUo/OBBce9j5o28Ewv6ClhJt/5EYjyWIE:yxLltJ9ZskKTQoWB+HRNN7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cae15eb4334c0d36ed9152d852766f970df9a0159895050742ca1036d54b0c37.exe
Files
cae15eb4334c0d36ed9152d852766f970df9a0159895050742ca1036d54b0c37.exe.exe windows:5 windows x86 arch:x86
0d528cb11b391cc85272fa6bac17f245
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetNumaProcessorNode
GetConsoleAliasExesLengthA
InterlockedDecrement
QueryDosDeviceA
GetEnvironmentStringsW
InterlockedCompareExchange
GetComputerNameW
GetModuleHandleW
ReadConsoleW
FormatMessageA
ReadConsoleOutputA
SetCommState
GetVolumeInformationA
LoadLibraryW
GetSystemTimeAdjustment
DeleteVolumeMountPointW
HeapDestroy
GetFileAttributesA
SetConsoleMode
GetFileAttributesW
GetBinaryTypeA
GetConsoleAliasesLengthW
GetLastError
GetLongPathNameW
GetProcAddress
CopyFileA
LoadLibraryA
LocalAlloc
MoveFileA
CreatePipe
GetModuleFileNameA
GetDefaultCommConfigA
GetCommTimeouts
FreeEnvironmentStringsW
BuildCommDCBA
FatalAppExitA
WriteConsoleOutputAttribute
ReleaseMutex
FindAtomW
CreateFileA
SetStdHandle
GetStdHandle
SetPriorityClass
HeapAlloc
HeapReAlloc
Sleep
ExitProcess
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapCreate
WriteFile
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
CloseHandle
user32
GetFocus
advapi32
ObjectPrivilegeAuditAlarmA
Sections
.text Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 995KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xezuxe Size: 512B - Virtual size: 124B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.yuvatom Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ