fillResourceMap
Static task
static1
Behavioral task
behavioral1
Sample
c2bf0e8ed1ece709e72fecbc77de72fba47ebf655d29240b1628a8ea8c2efb97.dll
Resource
win7-20240729-en
General
-
Target
c2bf0e8ed1ece709e72fecbc77de72fba47ebf655d29240b1628a8ea8c2efb97.exe
-
Size
116KB
-
MD5
89f8e9f21a829ebf8dd2955a3c7562c9
-
SHA1
a195f2b264b3389db0d82fd226d1382e32cbcbc7
-
SHA256
c2bf0e8ed1ece709e72fecbc77de72fba47ebf655d29240b1628a8ea8c2efb97
-
SHA512
3d67a42ef7724e8a0c1f834909e89c62b9383f2ce1c3a313c832963233f8eb15bb2302a38ef8e2d837dc1c6edf9333095e76c33b888c0fd19018688209a27539
-
SSDEEP
1536:juTLBvTKbySZyICNoOk619WQaJVYNyA3M1xgbbKEBQxK74G5BIq5ewYYNv:jc4bygyICNoOXnWQOVYNg9EQxa7w2v
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource c2bf0e8ed1ece709e72fecbc77de72fba47ebf655d29240b1628a8ea8c2efb97.exe
Files
-
c2bf0e8ed1ece709e72fecbc77de72fba47ebf655d29240b1628a8ea8c2efb97.exe.dll windows:4 windows x86 arch:x86
6d39f6c552eeeb6553fbef88bc36f1fd
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
ExitProcess
GetCurrentProcess
GetOEMCP
GetCommandLineA
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetFilePointer
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
RtlUnwind
SetStdHandle
FlushFileBuffers
CloseHandle
GetVersion
GetLastError
GetCPInfo
GetACP
VirtualAlloc
user32
MessageBoxA
LoadStringA
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
Exports
Exports
Sections
.text Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE