Static task
static1
Behavioral task
behavioral1
Sample
554bde2e706bad2908fc0534a58e7cfa7e099edc754a46717f738616da146131N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
554bde2e706bad2908fc0534a58e7cfa7e099edc754a46717f738616da146131N.exe
Resource
win10v2004-20241007-en
General
-
Target
554bde2e706bad2908fc0534a58e7cfa7e099edc754a46717f738616da146131N.exe
-
Size
2.8MB
-
MD5
79d73f0973da38285b0e0a83fa7ef5d0
-
SHA1
18692d3c66779517481c1868e39a8ed62f3af7fd
-
SHA256
554bde2e706bad2908fc0534a58e7cfa7e099edc754a46717f738616da146131
-
SHA512
471ba9cd38f5126e79a52baa70e5bb169dd09b7b05b7a56da8dc6da28c0a6e579d2962b575ac4ca83695d8a60a07457d974e2d79d4e7506cb4769a7ff87ca270
-
SSDEEP
49152:DU9YADYi0RJlAy7OA9V3DRv3csLjd3bYmrVdI/p:DUdDYimJ+y7OA9V3d3XJbfW/p
Malware Config
Signatures
-
Unsigned PE 1 IoCs
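The sample's PE file has no Authenticode signature, so its publisher cannot be verified. On its own this is a weak indicator, since many legitimate programs are also unsigned.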
resource 554bde2e706bad2908fc0534a58e7cfa7e099edc754a46717f738616da146131N.exe
Files
-
554bde2e706bad2908fc0534a58e7cfa7e099edc754a46717f738616da146131N.exe.exe windows:5 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
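Sections
Note: the first section's raw size (90KB) is far smaller than its virtual size (2.3MB), four of the six sections are both writable and executable, and only one import is listed. This layout is typical of a packed or protected executable, so the static import list likely does not reflect the API calls the program makes at run time; the behavioral tasks are the better source for that.
(no name shown) Size: 90KB - Virtual size: 2.3MB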
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 496B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xvfhlknz Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
okirljbd Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE