Static task
static1
Behavioral task
behavioral1
Sample
a2082b155a75d3e93b273f49890631a2a574a34c6d69871b9c7e17208a5e4489.exe
Resource
win7-20240903-en
General
-
Target
a2082b155a75d3e93b273f49890631a2a574a34c6d69871b9c7e17208a5e4489.exe
-
Size
1.9MB
-
MD5
a16b661f7b7872fbff91bdb5514481bc
-
SHA1
0c3ea21499b9cf621de8d31099ec2761c98b0dc2
-
SHA256
a2082b155a75d3e93b273f49890631a2a574a34c6d69871b9c7e17208a5e4489
-
SHA512
0cce8fb00864e3821cad65ab6e2c17475aa9cc03fa48447dc746da5022ae910e1fb3cd1223f217a43e41b7650329bcd53194a912bc89540a54a613eca3a4a25c
-
SSDEEP
49152:i6i0cBZvP4vg72F+lXF6LhIdgHtKSo4Vo:3TcBZvB6kGId2KSoUo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a2082b155a75d3e93b273f49890631a2a574a34c6d69871b9c7e17208a5e4489.exe
Files
-
a2082b155a75d3e93b273f49890631a2a574a34c6d69871b9c7e17208a5e4489.exe.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bqzanxku Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gbxaephq Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE