Static task
static1
Behavioral task
behavioral1
Sample
39176b24223d03d6c8701d6b52a895dd42842588af0b6e017e7c9c8cd08975b3.exe
Resource
win7-20241023-en
General
-
Target
39176b24223d03d6c8701d6b52a895dd42842588af0b6e017e7c9c8cd08975b3
-
Size
103KB
-
MD5
1bc429b6743105b5951d3bd01e4ff245
-
SHA1
fd773e9f1c5d3ba3ea268fd1bf5ac9759a24ed23
-
SHA256
39176b24223d03d6c8701d6b52a895dd42842588af0b6e017e7c9c8cd08975b3
-
SHA512
80ba790914500f6d327cac05c9e61214a2912424e136949947a7cd67797af94abe0a0ea2702d9f3561a93d15cd6bb16b3277a991551aa0a6ec336f39be1d4a6b
-
SSDEEP
1536:o+lAvqY9shtgw+RDj0fnHkucCP8DB59ROSqZ+FH5LTMrZd7+SY6S46:NwqPgwoDj0ES0l5lW+FH5/M1d7+M1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 39176b24223d03d6c8701d6b52a895dd42842588af0b6e017e7c9c8cd08975b3
Files
-
39176b24223d03d6c8701d6b52a895dd42842588af0b6e017e7c9c8cd08975b3.exe windows:4 windows x86 arch:x86
7bfa2fc9d91a7737328864aea8fd8993
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ShellExecuteA
kernel32
WideCharToMultiByte
GetNumberOfConsoleInputEvents
ReadFile
SetFilePointer
WriteFile
GetLastError
VirtualFree
CloseHandle
CreateFileA
VirtualAlloc
GetVersionExA
DeviceIoControl
GetCommandLineA
GetVersion
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
RtlUnwind
HeapAlloc
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE