Static task
static1
Behavioral task
behavioral1
Sample
efe6d23dab9287853c24e6b98de149234deb5159819bee15dbec1bf6ea92b2d0.exe
Resource
win7-20241023-en
General
-
Target
efe6d23dab9287853c24e6b98de149234deb5159819bee15dbec1bf6ea92b2d0
-
Size
1.8MB
-
MD5
c44bd9eef3801920db5a7848312d6e77
-
SHA1
ef46fd880792edaf7185a4d7911dcfa4786330ae
-
SHA256
efe6d23dab9287853c24e6b98de149234deb5159819bee15dbec1bf6ea92b2d0
-
SHA512
1c09e18e6f01dc7697ee70c627c2023b03f1421cf726b7e69bda10e9750d5584cb9895735ed25db678c98dedac88da767ded50c7c61b30b391c7ce698cc1ed48
-
SSDEEP
49152:96pnLxr7C+pLHxWsH0nxtCOzLlVHJ6BIA2A:96nC+tHx3oxsmLZ6S
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource efe6d23dab9287853c24e6b98de149234deb5159819bee15dbec1bf6ea92b2d0
Files
-
efe6d23dab9287853c24e6b98de149234deb5159819bee15dbec1bf6ea92b2d0.exe windows:5 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 147KB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
facuxisp Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
izzallzr Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE