Static task
static1
Behavioral task
behavioral1
Sample
8241892ff5c9b441458ea07eac9693a7f46234e90e3f5ac8d310356e7ec5c93bN.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
8241892ff5c9b441458ea07eac9693a7f46234e90e3f5ac8d310356e7ec5c93bN.exe
Resource
win10v2004-20241007-en
General
-
Target
8241892ff5c9b441458ea07eac9693a7f46234e90e3f5ac8d310356e7ec5c93bN
-
Size
196KB
-
MD5
0d3e2cd8851f42192e639b70e109e680
-
SHA1
55b435c0bce90b295dc5dcc984453241938a4d7b
-
SHA256
8241892ff5c9b441458ea07eac9693a7f46234e90e3f5ac8d310356e7ec5c93b
-
SHA512
2fcebe8b568e2c033d9dab06b024e257076ff2461b595e52f746ec5cf8934053b4b0ab06733b2faf7261c37cb5d7190aeec8cb09fe15b2f1b4aac0336213ff24
-
SSDEEP
6144:0c6BtUaNMtLLowRg4uLhuMXUk4m5xnt0Vu:0juaWLJgzLMkvou
Malware Config
Signatures
-
Unsigned PE 1 IoCs
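The static check found no Authenticode signature on this PE file. On its own this is a weak indicator, since many legitimate binaries are also unsigned.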
Processes:
resource 8241892ff5c9b441458ea07eac9693a7f46234e90e3f5ac8d310356e7ec5c93bN
Files
-
8241892ff5c9b441458ea07eac9693a7f46234e90e3f5ac8d310356e7ec5c93bN.exe windows:4 windows x86 arch:x86
fc5c1aac18a83503e3cae0c72797cbed
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCalendarInfoW
GetEnvironmentStringsW
GetTimeFormatA
DuplicateHandle
GetFileType
GetTempFileNameW
CreateFileA
CompareStringW
IsBadReadPtr
OpenProcess
SetThreadPriority
lstrcat
GetModuleHandleA
SearchPathW
RemoveDirectoryW
GlobalFindAtomA
FileTimeToSystemTime
lstrcpynA
OpenSemaphoreA
lstrcatA
IsBadStringPtrA
SetComputerNameW
CompareFileTime
FindResourceA
CopyFileExW
SetLocaleInfoA
GetVersionExA
GetTempFileNameA
GetStartupInfoW
ExitThread
SetErrorMode
SearchPathA
lstrcpyW
InitializeCriticalSection
GetLocaleInfoW
GetCurrentProcess
GetCommandLineW
GlobalFindAtomW
GlobalGetAtomNameA
GetFileSize
GlobalAlloc
GetProcAddress
CreateSemaphoreW
GlobalGetAtomNameW
GetSystemDirectoryW
GetPriorityClass
CreateMutexA
FreeResource
GetUserDefaultLCID
user32
LoadBitmapW
EnumWindows
GetKeyboardLayout
GetWindowTextA
EmptyClipboard
CreateDialogParamW
GetClassNameW
GetIconInfo
CharLowerW
DrawTextW
GetMenuItemInfoA
GetWindowTextLengthW
SetCursor
CharNextW
GetMenuState
GetKeyState
CheckMenuRadioItem
WaitForInputIdle
InsertMenuW
ChildWindowFromPoint
DialogBoxParamA
SetWindowTextA
mouse_event
GetClassInfoExW
CreateWindowExW
GetMenuStringA
GetCaretPos
DestroyMenu
CheckRadioButton
EnumDesktopsA
GetDC
CreateMenu
GetMenuItemID
keybd_event
FlashWindow
CallWindowProcA
MessageBeep
DestroyCursor
CopyRect
FindWindowW
SetCapture
CreateCaret
EnumDesktopsW
FindWindowA
GetMessageW
GetClassInfoW
gdi32
SetEnhMetaFileBits
RemoveFontResourceExW
CreateEllipticRgn
CreateDIBSection
GetMiterLimit
EnumFontFamiliesW
GetRasterizerCaps
GetBitmapDimensionEx
GetMetaFileBitsEx
advapi32
RegOpenKeyExA
RegCreateKeyW
RegQueryValueA
RegQueryInfoKeyW
RegCreateKeyExW
shlwapi
StrCatBuffA
SHRegCreateUSKeyW
IntlStrEqWorkerW
DllGetVersion
oleaut32
VarR8FromR4
VariantCopy
VarPow
VarI2FromI1
VarUI2FromR8
VarBoolFromStr
OaBuildVersion
setupapi
CM_Dup_Range_List
SetupGetFileQueueFlags
SetupQueueRenameSectionA
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.JQKFDY Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lbHO Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Omwwn Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.Hu Size: 512B - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.f Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Ft Size: 1KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.p Size: 512B - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Vje Size: 512B - Virtual size: 201KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1018B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ