C:\riy\lacutolar-xejonoyere79\hipase-fanu.pdb
Static task
static1
Behavioral task
behavioral1
Sample
bc905b4dc25d943d24e1dedb50acf76cbf2ebc6ee145b323350a1df523821127.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bc905b4dc25d943d24e1dedb50acf76cbf2ebc6ee145b323350a1df523821127.exe
Resource
win10v2004-20241007-en
General
Target: 54174daed0b3b89cbeb6dee9b8868f31
Size: 515KB
MD5: 54174daed0b3b89cbeb6dee9b8868f31
SHA1: f4f30ab72a1b2e3eed38fdb37f26b145e654ba66
SHA256: b245345fd0229dd2af345d5f70e0326d958980a45b355b29cee08ed2b853bf1c
SHA512: e9f1017b80385e2c3dc9407123a647f6f1e2efe6db5d00e19d77ed8d30f1b289a1f002ede19dc9a05e267a7fec39b11bb83c7b942c44e17ea262c992109baf31
SSDEEP: 12288:hCdSErOWiQndf4PPgUaZ1BTyu/XeCfqwVVGZl5JAZmCNzqIHzGLO7:wTr5/dAdKDyu/1BVVGZl5WNzqISa7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/bc905b4dc25d943d24e1dedb50acf76cbf2ebc6ee145b323350a1df523821127
Files
54174daed0b3b89cbeb6dee9b8868f31.zip
bc905b4dc25d943d24e1dedb50acf76cbf2ebc6ee145b323350a1df523821127.exe windows:5 windows x86 arch:x86
8ee4f2cace7854793aad420556d77bc0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
WriteConsoleOutputCharacterW
GetProcessIoCounters
SetMailslotInfo
CreateHardLinkA
FreeEnvironmentStringsA
GetConsoleAliasesLengthA
GetConsoleTitleA
InitializeCriticalSection
LoadLibraryW
WriteConsoleW
GetBinaryTypeA
GetModuleFileNameW
lstrlenW
CreateDirectoryA
GetConsoleAliasesW
GetLastError
GetProcAddress
VirtualAlloc
FindFirstChangeNotificationW
MoveFileW
WriteProfileSectionA
SetStdHandle
EnterCriticalSection
WriteConsoleA
SetConsoleWindowInfo
GetModuleHandleA
VirtualProtect
GetFileAttributesExW
GetCPInfoExA
SetCalendarInfoA
UnregisterWaitEx
LocalFree
InterlockedPushEntrySList
FillConsoleOutputCharacterA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
DeleteCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
HeapAlloc
HeapCreate
VirtualFree
HeapReAlloc
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoW
Sections
.text Size: 561KB - Virtual size: 561KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 292KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ