Static task: static1
Behavioral task: behavioral1
Sample: 22e7188716a0f17c1a1e4eedc42bf9c9863909cd211eab0c35387f5f413bca90.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: 22e7188716a0f17c1a1e4eedc42bf9c9863909cd211eab0c35387f5f413bca90.exe
Resource: win10v2004-20241007-en
General
Target: 22e7188716a0f17c1a1e4eedc42bf9c9863909cd211eab0c35387f5f413bca90
Size: 372KB
MD5: 9338815a91b648113269bbcf972ec4a8
SHA1: cc6c6e46b76c8ca931d462150ec1b82c3495d8ae
SHA256: 22e7188716a0f17c1a1e4eedc42bf9c9863909cd211eab0c35387f5f413bca90
SHA512: ccaba640a7041ce55aebca65eda4ba3701cc7a2eaedccfb1c7c5e985df288a764704bf675fb85f2ebe5d2cd73b8aeccd926e49075a5dc3cae4a93f8ecb759092
SSDEEP: 6144:SD3yZ+ywnBeIwAddYuugEHb7D9EWcxJP4Plaur7aW:SD3yZnUBeIw22ujEBEhxJwPlHz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 22e7188716a0f17c1a1e4eedc42bf9c9863909cd211eab0c35387f5f413bca90
Files
22e7188716a0f17c1a1e4eedc42bf9c9863909cd211eab0c35387f5f413bca90.exe windows:5 windows x86 arch:x86
68345dd56eb3fe91cf38c8edf85f81d4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpA
SetLocaleInfoA
EnumCalendarInfoA
WriteConsoleInputW
CopyFileExW
GetModuleHandleExA
RtlCaptureContext
SetLocalTime
BuildCommDCBAndTimeoutsA
CallNamedPipeA
SetUnhandledExceptionFilter
EnumCalendarInfoW
WaitNamedPipeA
GetEnvironmentStringsW
InterlockedCompareExchange
SetEvent
GetCommProperties
BackupSeek
GetModuleHandleW
CreateRemoteThread
SetFileTime
GetWindowsDirectoryA
GetDateFormatA
GetDriveTypeA
LoadLibraryW
ReadFileScatter
GetVersionExW
GlobalFlags
DnsHostnameToComputerNameW
GetComputerNameExA
FindNextVolumeW
GetConsoleAliasW
GetFileAttributesW
GetModuleFileNameW
GetSystemDirectoryA
FindNextVolumeMountPointW
DeactivateActCtx
EnumSystemLocalesA
GetConsoleOutputCP
OpenMutexW
GetProcAddress
LoadLibraryA
LocalAlloc
SetCalendarInfoW
BuildCommDCBAndTimeoutsW
RemoveDirectoryW
GlobalGetAtomNameW
GlobalFindAtomW
EnumResourceTypesW
GetModuleHandleA
EraseTape
CreateMutexA
FindNextFileW
GetStringTypeW
RequestWakeupLatency
GetVolumeNameForVolumeMountPointW
DeleteFileW
GetFileInformationByHandle
FindActCtxSectionStringW
CloseHandle
HeapSize
GetLastError
WideCharToMultiByte
DeleteFileA
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
SetFilePointer
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
FatalAppExitA
Sleep
IsProcessorFeaturePresent
GetLocaleInfoW
GetUserDefaultLCID
GetLocaleInfoA
IsValidLocale
RtlUnwind
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
WriteConsoleW
CreateFileW
user32
GetMenu
Sections
.text Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 198KB - Virtual size: 3.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ