Static task: static1
Behavioral task: behavioral1
Sample: 826b84405feb5e71fd9ea9a8b2d8e6b79ad37487f706d0e10cc61c8884229424.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 826b84405feb5e71fd9ea9a8b2d8e6b79ad37487f706d0e10cc61c8884229424.exe
Resource: win10v2004-20241007-en
General
Target: f6dbd7deff3d7d6265f975fb067a780536555baa78db06ea6138f39e50712ee9
Size: 310KB
MD5: 7244e2dae15e5bca6a5d68590738fa4b
SHA1: 5f985b13ec46f1c8d7f2bcdbf48d359a6ba9e514
SHA256: f6dbd7deff3d7d6265f975fb067a780536555baa78db06ea6138f39e50712ee9
SHA512: cba3d4b094413d1137da2bc51dc12efb7601ccdda7e7b1d3477bff3c327e12f7a70281f6b8b3c02a78446a944a0bee6a453040a282082114367928a43cf31104
SSDEEP: 6144:1mbCF2Jtek0M8zPH08cwE0Y/VNWMpXsi0OhJMDyo0HyGpNG4O:gbCF2P/J49cwE0qNDXsi0W0yZHyGO4O
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/826b84405feb5e71fd9ea9a8b2d8e6b79ad37487f706d0e10cc61c8884229424
Files
f6dbd7deff3d7d6265f975fb067a780536555baa78db06ea6138f39e50712ee9.zip
Password: infected
826b84405feb5e71fd9ea9a8b2d8e6b79ad37487f706d0e10cc61c8884229424.exe windows:6 windows x86 arch:x86
6946dbce2907c88803b57e96461c2b21
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdiplusStartup
GdiplusShutdown
GdipGetImageRawFormat
GdipCreateFromHWND
GdipGetImageWidth
GdipCloneImage
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageHeight
GdipFree
kernel32
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
GetLastError
GetFileAttributesA
VirtualAlloc
VirtualProtect
GetModuleFileNameA
FindFirstFileA
FindNextFileA
LocalAlloc
TlsFree
TlsGetValue
GlobalFlags
GetFileType
LocalFree
GetFileSize
TlsAlloc
TlsSetValue
LockResource
FindClose
FreeResource
WriteFile
CreateThread
Sleep
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
ExitProcess
user32
ClientToScreen
DestroyWindow
ScreenToClient
TrackPopupMenu
GetSubMenu
LoadMenuA
GetClientRect
PtInRect
GetCursorPos
SetMenu
TranslateMessage
PeekMessageA
DispatchMessageA
MapDialogRect
CreateDialogParamA
PostQuitMessage
SetWindowLongA
GetWindowLongA
EndDialog
DefWindowProcA
ShowWindow
CallWindowProcA
SendMessageA
MessageBoxA
GetDlgItem
EnableWindow
SetCapture
SetMenuItemBitmaps
ReleaseCapture
GetMenuCheckMarkDimensions
CheckMenuItem
CreateIcon
EnableMenuItem
GetMenuState
comdlg32
GetOpenFileNameA
shell32
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
gdi32
GetClipBox
ScaleViewportExtEx
ScaleWindowExtEx
OffsetViewportOrgEx
RectVisible
advapi32
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptReleaseContext
Sections
.text Size: 537KB - Virtual size: 536KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ