Static task
static1
Behavioral task
behavioral1
Sample
ef98ef7b237c47e0d3dfc8e64dad955c4a3c3a5ffa8ff524d59c5f0135d18533.exe
Resource
win7-20241023-en
General
-
Target
ef98ef7b237c47e0d3dfc8e64dad955c4a3c3a5ffa8ff524d59c5f0135d18533
-
Size
2.9MB
-
MD5
e4680563d6cf072a53a06a48f15e551c
-
SHA1
7cdc2a70c955fa540144d2e9ce7229d34e432fb8
-
SHA256
ef98ef7b237c47e0d3dfc8e64dad955c4a3c3a5ffa8ff524d59c5f0135d18533
-
SHA512
e507e6f753a2fc3f8aff5994fa559098af383dae82f838935974563c49ffa88170078a760dbced97762341f5ffb177355fe6d6da5cc8203baa7225e1038914b1
-
SSDEEP
49152:H+v7kUxpFSMnGRhclxVytL1C0kZEoopaC246xT0I1:H+v7kUxpM2GRh3tBBkropzt6x
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ef98ef7b237c47e0d3dfc8e64dad955c4a3c3a5ffa8ff524d59c5f0135d18533
Files
-
ef98ef7b237c47e0d3dfc8e64dad955c4a3c3a5ffa8ff524d59c5f0135d18533.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 159KB - Virtual size: 352KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
oaempsmy Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nqxxlykp Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE