Static task
static1
Behavioral task
behavioral1
Sample
eff1afde1f5066263a65a5e74488e75f152eb848cc3dee2f5b4b2f67226b8606N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eff1afde1f5066263a65a5e74488e75f152eb848cc3dee2f5b4b2f67226b8606N.exe
Resource
win10v2004-20241007-en
General
-
Target
eff1afde1f5066263a65a5e74488e75f152eb848cc3dee2f5b4b2f67226b8606N
-
Size
59KB
-
MD5
a77d809748ce780cfa556a44d35dc630
-
SHA1
8385c37c2aa586f6bb1be414e7598ced0117d7ed
-
SHA256
eff1afde1f5066263a65a5e74488e75f152eb848cc3dee2f5b4b2f67226b8606
-
SHA512
e6e081a323321d6eea4f5aa89a0808ad5717d304f862c975c6d6733c7b314d3d15ea75a86993ae25aca42f89d5035702323d2157599d7993e0fdc3ea62b22857
-
SSDEEP
1536:9iTKIqQoaf68nDN62fL/eA+uwfIbhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhXj:kTKDQoaf68no2LBdwohejte3h
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eff1afde1f5066263a65a5e74488e75f152eb848cc3dee2f5b4b2f67226b8606N
Files
-
eff1afde1f5066263a65a5e74488e75f152eb848cc3dee2f5b4b2f67226b8606N.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 132KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fldo Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.l1 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ