Static task
static1
Behavioral task
behavioral1
Sample
6a3e27b0540fe392b2949096501482523f8ea9b097ebc0f914998024863ae7db.exe
Resource
win7-20240903-en
General
-
Target
6a3e27b0540fe392b2949096501482523f8ea9b097ebc0f914998024863ae7db.exe
-
Size
780KB
-
MD5
1b428c1780a986a3bbcc124192aa7b93
-
SHA1
510c649830f823e80e001e98717d0d8c466ab9dd
-
SHA256
6a3e27b0540fe392b2949096501482523f8ea9b097ebc0f914998024863ae7db
-
SHA512
74aa103035985dc6071f472515e0f813f2a26b45658020b99e473b2f0a7816d4717f41fe67cf1e81f795f1d56017703effa5f302578a7bc16dbaf881789c8ca9
-
SSDEEP
24576:F0ZhDa7BatUBFM8su0ZjpXZN0FmEOGpYmB:FwWNFBFM8s9FpXHunB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6a3e27b0540fe392b2949096501482523f8ea9b097ebc0f914998024863ae7db.exe
Files
-
6a3e27b0540fe392b2949096501482523f8ea9b097ebc0f914998024863ae7db.exe.exe windows:4 windows x86 arch:x86
d031b2ae6d207dcf7f78782dfafac286
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileAttributesA
FormatMessageA
SetFileAttributesA
ReadFile
CreateFileA
SetFilePointer
GetSystemDefaultLangID
GetUserDefaultLangID
WriteFile
GetLastError
GetCurrentProcess
CopyFileA
ExitProcess
GetTempPathA
GetModuleFileNameA
GetModuleHandleA
GetCommandLineA
CreateProcessA
CloseHandle
CreateThread
CreateDirectoryA
IsDBCSLeadByte
GetSystemDirectoryA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetExitCodeProcess
LoadLibraryA
GetProcAddress
FreeLibrary
WritePrivateProfileStringA
FindFirstFileA
FindNextFileA
FindClose
Sleep
RemoveDirectoryA
GetCurrentDirectoryA
GlobalFree
DeleteFileA
MultiByteToWideChar
WaitForSingleObject
GetDiskFreeSpaceA
GetTempFileNameA
GetFileType
HeapCreate
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
GetEnvironmentStrings
FreeEnvironmentStringsW
GlobalAlloc
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
VirtualAlloc
HeapFree
VirtualFree
FlushFileBuffers
HeapDestroy
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
GetVersion
GetStartupInfoA
HeapAlloc
RtlUnwind
GetStringTypeA
GetStringTypeW
SetStdHandle
user32
ScreenToClient
DialogBoxParamA
MessageBoxA
SendMessageA
FindWindowA
DispatchMessageA
PeekMessageA
UpdateWindow
InvalidateRect
ShowWindow
EnableWindow
GetDlgItem
ExitWindowsEx
CharPrevA
CharNextA
LoadStringA
wsprintfA
GetDesktopWindow
SetWindowPos
SendDlgItemMessageA
IsDlgButtonChecked
GetAsyncKeyState
GetDlgItemTextA
GetParent
LoadIconA
SetClassLongA
SetDlgItemTextA
CreateDialogParamA
EndDialog
GetWindowRect
SetWindowTextA
DestroyWindow
gdi32
DeleteObject
SetTextColor
GetNearestColor
SetBkColor
GetStockObject
advapi32
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegCloseKey
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
shell32
SHFileOperationA
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA
ole32
CoInitialize
CoCreateInstance
OleInitialize
OleUninitialize
Sections
.text Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 10KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 145KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE