Static task: static1
Behavioral task: behavioral1
  Sample: artifact.exe
  Resource: win10v2004-20241007-en
Behavioral task: behavioral2
  Sample: artifact.exe
  Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral3
  Sample: artifact.exe
  Resource: win11-20241007-en
General
Target: artifact.exe
Size: 12.4MB
MD5: d5f1f49da304a6471279d0427df47b10
SHA1: 270ccd40ec7280d081df2a54ab7315ada5cb0a07
SHA256: 166da15b42a0184c5375be94ab1180052eaf08eb09cb1af406329d96f542d75f
SHA512: 793f5fbb0ba4beabb6affceac4d28e68a3484c70f75344cc4ec835c66f0946d3755e7c645d55b252ae819f6df72dc8674b2f2a77371cc2701a8287cb56e2ce60
SSDEEP: 393216:npPpFTO4wV4fq3jqkbrba+ppiQqKY3qz:npPpFTO4wOfq3mkHu+pthY3qz
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: artifact.exe
Files
artifact.exe.exe windows:5 windows x64 arch:x64
6c981d11b94034aca603707a9e11e432
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
  getenv
user32
  GetForegroundWindow
wininet
  InternetOpenA
crypt32
  CryptStringToBinaryA
kernel32
  FindFirstFileA
  GetSystemTimeAsFileTime
  HeapAlloc
  HeapFree
  ExitProcess
  GetModuleHandleA
  LoadLibraryA
  GetProcAddress
libcrypto
  EVP_CIPHER_CTX_new
Sections
.text Size: - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
./JX Size: - Virtual size: 7.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.+q] Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.R'H Size: 12.4MB - Virtual size: 12.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ