Static task
static1
Behavioral task
behavioral1
Sample
2e4ab34dcfd40afc19f0f3ec171f78b1362dbace975891fec296e60e1ac127a6.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2e4ab34dcfd40afc19f0f3ec171f78b1362dbace975891fec296e60e1ac127a6.exe
Resource
win10v2004-20241007-en
General
Target: 2e4ab34dcfd40afc19f0f3ec171f78b1362dbace975891fec296e60e1ac127a6
Size: 372KB
MD5: 6710868911ac883292da39b8f0208505
SHA1: 8f72a0fe8495a84036216e18eb302cc53cd5a285
SHA256: 2e4ab34dcfd40afc19f0f3ec171f78b1362dbace975891fec296e60e1ac127a6
SHA512: 2b043a912acbaa3441d473c8c6d491058499303bbb713a93ded60652a3322cd506517c280d053235c27dcc56e32bf9dc9642e5e7aeafb906d27119c48c8fd9b3
SSDEEP: 6144:Zw2LmWVeVpo6/1nQQnJ6eFUl7drxvLi4+mPyabnT:Zw21VeVp9nQeJ6yapxvLdhyav
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 2e4ab34dcfd40afc19f0f3ec171f78b1362dbace975891fec296e60e1ac127a6
Files
2e4ab34dcfd40afc19f0f3ec171f78b1362dbace975891fec296e60e1ac127a6.exe windows:5 windows x86 arch:x86
a1db9c571cfed8662bf582d5ef78539c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalFix
TlsGetValue
CallNamedPipeA
OpenJobObjectA
InterlockedDecrement
GetCurrentProcess
WriteConsoleInputA
GetComputerNameW
GetTimeFormatA
FreeEnvironmentStringsA
GetCommConfig
GetDllDirectoryW
GetCurrencyFormatA
ClearCommBreak
GetConsoleAliasExesW
EnumTimeFormatsA
EnumTimeFormatsW
LoadLibraryW
GetFileAttributesA
GetTimeFormatW
CreateProcessA
GetModuleFileNameW
GetShortPathNameA
LCMapStringA
GetLogicalDriveStringsA
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
SetFileAttributesA
DefineDosDeviceA
GetTempFileNameA
LoadLibraryA
InterlockedExchangeAdd
OpenEventA
OpenJobObjectW
SetEnvironmentVariableA
GlobalWire
GetCurrentDirectoryA
SetFileShortNameA
GetVersionExA
ReadConsoleInputW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
RaiseException
HeapAlloc
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapFree
CloseHandle
TerminateProcess
IsDebuggerPresent
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetFilePointer
SetStdHandle
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
Sections
.text - Size: 293KB - Virtual size: 293KB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data - Size: 24KB - Virtual size: 43KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.gazeziv - Size: 1024B - Virtual size: 1024B - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.mum - Size: 512B - Virtual size: 214B - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.coxi - Size: 1024B - Virtual size: 923B - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.woma - Size: 1024B - Virtual size: 1024B - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 49KB - Virtual size: 49KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ