Static task
static1
Behavioral task
behavioral1
Sample
systemuser32.exe
Resource
win10v2004-20241007-en
General
-
Target
systemuser32.exe
-
Size
20.6MB
-
MD5
e481a457b7e963581ea60a9cff53f150
-
SHA1
71c44a94492747a651c6cee7e99cade3ae314dc4
-
SHA256
ffba2de6237d1542f5b596e5f44be49ea9183253193d598ff0ca328ad6131d1a
-
SHA512
dcb9f4321281b291c96798a5e04b7e2b9fca4c1f6720387b047440f484757008d7b3cfa16c2ad2f8758a5e2fd204e20b5f94252772a0a31fd265be98233e5103
-
SSDEEP
393216:ZVIREJbgCTGGATTgGO09XCrgBIPg17XmH65jivecT/h41Sba:ZVIREJbgCSGKkGfXxIY17e65evbhKi
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource systemuser32.exe
Files
-
systemuser32.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 20.6MB - Virtual size: 20.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ