Static task
static1
Behavioral task
behavioral1
Sample
44eed33c22146e5303a693aca95bf63b0697690d8c2327a7e81510cb62597ef8.exe
Resource
win7-20240903-en
General
-
Target
44eed33c22146e5303a693aca95bf63b0697690d8c2327a7e81510cb62597ef8
-
Size
1.9MB
-
MD5
df14d75173794ef930dc9baa47ff9942
-
SHA1
705ef3f01882163fb82fabe6747ee991b1dc5fa3
-
SHA256
44eed33c22146e5303a693aca95bf63b0697690d8c2327a7e81510cb62597ef8
-
SHA512
99a0856352e4cbba94b7921e3764e3c5d6f687dbbe569287c8c3798668acc365979d84bef48b30c4b4f3585ef82e49b28566107b803610783a72dff369a34d9f
-
SSDEEP
49152:QCVH3lHv5s+6oVgXpI5sZ+PEpa20zTyQRcC5uD/s:RVXlHV9CdpR0vJ5uj
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 44eed33c22146e5303a693aca95bf63b0697690d8c2327a7e81510cb62597ef8
Files
-
44eed33c22146e5303a693aca95bf63b0697690d8c2327a7e81510cb62597ef8.exe windows:5 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 147KB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
olybwezj Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
arlizyif Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE