Static task
static1
Behavioral task
behavioral1
Sample
d8ff7b3040d2674dbdc77b184266ddef54444c0d8db4880ddd3bcd45d610e0c1.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d8ff7b3040d2674dbdc77b184266ddef54444c0d8db4880ddd3bcd45d610e0c1.exe
Resource
win10v2004-20241007-en
General
-
Target
d8ff7b3040d2674dbdc77b184266ddef54444c0d8db4880ddd3bcd45d610e0c1.zip
-
Size
7.9MB
-
MD5
c5762e5ecf14209b5d3cc1effe558ab1
-
SHA1
32bf6430a2f741b735800c51b96340c078b2fbf3
-
SHA256
fe5e31d0d20eea7dc2cfc16a65d81663dfadf519d8c5ed847245875b95261ea3
-
SHA512
45e09196f1c75dc26f073db4748ee4ee206582f699c03db19fb734165284ce9312e91eed3131b0b3de6b90d37de68351bccfe4f572383e06bd5c8160b5a61f03
-
SSDEEP
196608:qcTZ76dSp/0DeqF0jf9c5p86fs78V2NwT98uLN39/xg30J5:3Z7pKV0j2/12NwB8YpKI5
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/d8ff7b3040d2674dbdc77b184266ddef54444c0d8db4880ddd3bcd45d610e0c1
Files
-
d8ff7b3040d2674dbdc77b184266ddef54444c0d8db4880ddd3bcd45d610e0c1.zip.zip
Password: infected
-
d8ff7b3040d2674dbdc77b184266ddef54444c0d8db4880ddd3bcd45d610e0c1.exe windows:4 windows x86 arch:x86
12f12d364f5f6a801e52c9dce28d1965
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleaut32
VariantClear
SysAllocString
user32
SendMessageA
SetTimer
KillTimer
DialogBoxParamA
SetWindowLongA
GetWindowLongA
SetWindowTextW
SetWindowTextA
LoadIconA
LoadStringW
LoadStringA
CharUpperW
CharUpperA
DestroyWindow
EndDialog
PostMessageA
ShowWindow
MessageBoxW
GetDlgItem
DialogBoxParamW
shell32
ShellExecuteExA
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
_beginthreadex
memcpy
free
malloc
_CxxThrowException
_purecall
memmove
__CxxFrameHandler
memcmp
kernel32
GetCommandLineW
GetStartupInfoA
GetModuleHandleA
InitializeCriticalSection
ResetEvent
SetEvent
CreateEventA
VirtualFree
VirtualAlloc
Sleep
WaitForMultipleObjects
GetStdHandle
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
CreateFileA
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
GetTempFileNameA
GetTempPathA
GetCurrentDirectoryA
GetFullPathNameW
GetFullPathNameA
lstrlenA
DeleteFileW
DeleteFileA
CreateDirectoryW
CreateDirectoryA
RemoveDirectoryW
SetFileAttributesW
RemoveDirectoryA
SetFileAttributesA
SetLastError
CreateFileW
SetFileTime
GetWindowsDirectoryA
FormatMessageW
FormatMessageA
LocalFree
GetModuleFileNameW
GetModuleFileNameA
AreFileApisANSI
GetLastError
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
WaitForSingleObject
CloseHandle
CreateProcessA
SetCurrentDirectoryA
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ