Static task: static1
Behavioral task: behavioral1
Sample: 7873fd04f7631d22d4ee8ac58545aa07205062bf7a5bc3d4049e10efeeeda159.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 7873fd04f7631d22d4ee8ac58545aa07205062bf7a5bc3d4049e10efeeeda159.exe
Resource: win10v2004-20241007-en
General
Target: 7873fd04f7631d22d4ee8ac58545aa07205062bf7a5bc3d4049e10efeeeda159.exe
Size: 793KB
MD5: 2fabe54556b6133301e8e6b9360a645e
SHA1: 565244e4050ae05e9eea39102ae51248e519bbaf
SHA256: 7873fd04f7631d22d4ee8ac58545aa07205062bf7a5bc3d4049e10efeeeda159
SHA512: 684a9cafca663d16e0ab78877227dcefde189b04a48b5fa64f01f969e2f3bf7b73d9cce31744f9de9ded0b76382dacdb679e06fe9160bac131bc6b9aa1463c0e
SSDEEP: 12288:3r7ZmIqcLBKh+PrUgiCUm42OZMPBO4pqp9+8qsNyYh4rDQ5NKWfbV3CJapC4:b7Zi6BKh1IOZMPBO46qskYhMQjbppC4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7873fd04f7631d22d4ee8ac58545aa07205062bf7a5bc3d4049e10efeeeda159.exe
Files
7873fd04f7631d22d4ee8ac58545aa07205062bf7a5bc3d4049e10efeeeda159.exe.exe windows:4 windows x86 arch:x86
3f46873f31562a1562c6590f714a811f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
CloseHandle
VirtualProtectEx
GetLocalTime
GetProcessHeap
GetStartupInfoA
SetLastError
CreateDirectoryW
Sleep
SetLastError
HeapSize
CreateMutexA
SetEvent
GetTickCount
GetFileAttributesA
CreateSemaphoreA
CreateHardLinkW
GlobalFree
DeleteFileW
LoadLibraryA
WriteConsoleA
cryptui
DllUnregisterServer (listed 13 times)
vdmdbg
VDMDetectWOW
VDMGetContext
VDMGetPointer
VDMBreakThread
Sections
.text Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 785KB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE