Static task
static1
Behavioral task
behavioral1
Sample
51ad49a33d4116003b1bbfa4be0009c232eb8309728e6903ceebeac326def1c0.exe
Resource
win7-20240903-en
General
-
Target
51ad49a33d4116003b1bbfa4be0009c232eb8309728e6903ceebeac326def1c0
-
Size
4.2MB
-
MD5
0c9ac016b38263da875782e7fd32cd5c
-
SHA1
c81138a0fd251982dd17ec26efa677a84babbc39
-
SHA256
51ad49a33d4116003b1bbfa4be0009c232eb8309728e6903ceebeac326def1c0
-
SHA512
b0f023a55887b60c1eb432caf2db4a4d90eab5838fd8411e7e7b606da3fa9a53ce8a65f153f9d3ce30cfce82d848a5aae3637bbfca01872233a304efff99a197
-
SSDEEP
98304:5GAdFqYLoMHlz3zc1V4nplSNwmo4Fd3mFR3c6iSPpp:lXqfIjc1Vypl5m1mP3JX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 51ad49a33d4116003b1bbfa4be0009c232eb8309728e6903ceebeac326def1c0
Files
-
51ad49a33d4116003b1bbfa4be0009c232eb8309728e6903ceebeac326def1c0.exe windows:4 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
lstrcpy
Sections
Size: 2.5MB - Virtual size: 7.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 428B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mwochaol Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
znckopri Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE