Static task
static1
Behavioral task
behavioral1
Sample
623ecd51bbfcdeb8267944d87742b7e8e1e68f40c06655046786f9ff036c83efN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
623ecd51bbfcdeb8267944d87742b7e8e1e68f40c06655046786f9ff036c83efN.exe
Resource
win10v2004-20241007-en
General
-
Target
623ecd51bbfcdeb8267944d87742b7e8e1e68f40c06655046786f9ff036c83efN.exe
-
Size
111KB
-
MD5
af236ac6d18b3b8a4a80fba97e023b80
-
SHA1
6327874801e26d82f48acdf5738cf60c6b5e9f59
-
SHA256
623ecd51bbfcdeb8267944d87742b7e8e1e68f40c06655046786f9ff036c83ef
-
SHA512
df6232f4b38fcebfd241ae62c3bc0813e99d61e308b6d0ba26158b8912c7de2f5c4b2af8587cbbd7d6dd90640200f013bdaf5035b5324587d22c82f0bcf92e98
-
SSDEEP
3072:SwUYPGG9eAoHSwMm8KzF6N0dKMW+Wb+EyjOIpiAAiL:SwUYz93oHSHBnyWj+EfIEw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
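The sample carries no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned; weigh it together with the import table and the behavioral task results.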
resource 623ecd51bbfcdeb8267944d87742b7e8e1e68f40c06655046786f9ff036c83efN.exe
Files
-
623ecd51bbfcdeb8267944d87742b7e8e1e68f40c06655046786f9ff036c83efN.exe.exe windows:4 windows x86 arch:x86
535f8cb7436cafe2e0350157dbe6d531
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
ws2_32
send
accept
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
??3@YAXPAX@Z
_acmdln
exit
_XcptFilter
_exit
free
_except_handler3
strcmp
rand
strlen
atoi
memcpy
memset
strcpy
strtok
??2@YAPAXI@Z
getenv
strcat
kernel32
GetStartupInfoA
AllocConsole
WriteConsoleA
lstrcmpiA
GetCurrentProcess
GetModuleHandleA
ReadProcessMemory
Sleep
GetModuleFileNameW
lstrlenW
WriteProcessMemory
GetCommandLineA
OutputDebugStringA
LoadLibraryA
GetProcAddress
lstrcpyA
CreateMutexA
GetLastError
lstrcmpA
lstrcatA
CreateThread
WaitForSingleObject
ExitProcess
lstrlenA
GetModuleFileNameA
user32
TranslateMessage
GetWindowRect
GetMessageA
TrackPopupMenu
GetWindowLongA
CreateMenu
MessageBoxW
KillTimer
IsWindow
EnableMenuItem
MessageBoxA
gdi32
CreateCompatibleDC
SelectObject
CreateDCA
CreateDIBitmap
SelectPalette
DeleteObject
comdlg32
GetSaveFileNameA
shell32
ShellExecuteExA
Shell_NotifyIconA
ole32
CoInitialize
CoCreateInstance
Sections
.text Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ