Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20241023-en
General
-
Target
file.exe
-
Size
4.2MB
-
MD5
4d727ea77c6a382bccbb1ee8970b67ee
-
SHA1
9b7899c63a601a2421715a6304c0f53af14f7b1a
-
SHA256
25ac0cfb064bd71d2d97aad7491824915a7bbdc4b80e705385617dbd0e35a673
-
SHA512
814e6406dae153b386791aa72d255cda60f3fdb36269db6a8177dbb3b101336a426c3e21506e3b73a25b3f99beb34bf658c3fe7d47e41e2f11f2d67f99af227f
-
SSDEEP
98304:g0QDuLy0AMnkpl50B/GVrcbKgVc2fAO5AbfiF:g1DuLy0hyl50B+6bLVxjy
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource file.exe
Files
-
file.exe.exe windows:4 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
lstrcpy
Sections
Size: 2.5MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gdiujpci Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
zdypqqxr Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE