Static task: static1
Behavioral task: behavioral1
Sample: 12f8d60b30acada504a2d02cbd9fcd5b25a05027f04c300b4220dcf16a0092ff.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 12f8d60b30acada504a2d02cbd9fcd5b25a05027f04c300b4220dcf16a0092ff.exe
Resource: win10v2004-20241007-en
General
Target: 12f8d60b30acada504a2d02cbd9fcd5b25a05027f04c300b4220dcf16a0092ff
Size: 80KB
MD5: 33e0eee8dbb923ef5ee34157e0a3c5e1
SHA1: 54afaf47ca5d9cffd0d9606edca803e206927247
SHA256: 12f8d60b30acada504a2d02cbd9fcd5b25a05027f04c300b4220dcf16a0092ff
SHA512: eb6f290e03acf1bdc56aadd045dbfdf3d7f2bc16e89154f3f35fd19efc5834b16cdea0d684936c7ccc5c74d76e3680875c28cedb0ec8c8c5ca9a06147ad67969
SSDEEP: 768:78QXvyTFpHrP/58ByHA/oEraNsNHPkUfb+uTld9woHBX4QXsFwAbF1PGCwwtIa:BKFF358KAAErO4PrquZwor/4+Cf6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12f8d60b30acada504a2d02cbd9fcd5b25a05027f04c300b4220dcf16a0092ff
Files
12f8d60b30acada504a2d02cbd9fcd5b25a05027f04c300b4220dcf16a0092ff.exe .vbs windows:4 windows x86 arch:x86 polyglot
4b88900ea6b5b8a75bcc932764801301
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WinExec
CreateDirectoryA
GetModuleFileNameA
GetWindowsDirectoryA
lstrcmpiA
lstrcpyA
lstrcmpA
FindClose
DeleteFileA
FindNextFileA
FindFirstFileA
lstrcatA
GetLogicalDriveStringsA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
SetFileAttributesA
MoveFileA
GetFileAttributesA
WritePrivateProfileStringA
CreateToolhelp32Snapshot
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
GetLocalTime
GetTempPathA
ExpandEnvironmentStringsA
FreeLibrary
GetVersionExA
UnmapViewOfFile
MapViewOfFile
ExitProcess
SetUnhandledExceptionFilter
lstrlenA
WriteFile
LockResource
CreateFileA
LoadResource
SizeofResource
FindResourceA
Process32First
Process32Next
OpenProcess
TerminateProcess
CreateMutexA
GetLastError
CloseHandle
CreateThread
CopyFileA
Sleep
user32
wsprintfA
FindWindowExA
keybd_event
IsWindow
SendMessageA
EnumChildWindows
GetForegroundWindow
GetWindowLongA
GetClassNameA
PostMessageA
GetCursorPos
WindowFromPoint
GetWindowTextA
MessageBoxA
GetParent
advapi32
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegSetValueA
RegDeleteKeyA
msvcrt
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
fgets
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
??2@YAPAXI@Z
fclose
fwrite
fread
fopen
exit
fputs
sprintf
_access
strstr
printf
fseek
rand
srand
time
wininet
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
ws2_32
gethostbyname
gethostname
WSACleanup
WSAStartup
Sections
MEW Size: 72KB - Virtual size: 72KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE