Static task
static1
Behavioral task
behavioral1
Sample
e92089c1bcd9543515ccada144422b83f9f0b39b3fc0762d79d6619138a224cb.exe
Resource
win10v2004-20240508-en
General
-
Target
e92089c1bcd9543515ccada144422b83f9f0b39b3fc0762d79d6619138a224cb
-
Size
1.8MB
-
MD5
c5389c16aca7d9e433b1acb5684a430c
-
SHA1
3d5c8bf3e4e94122d7d0f4c2f425edbbfa51fe4d
-
SHA256
e92089c1bcd9543515ccada144422b83f9f0b39b3fc0762d79d6619138a224cb
-
SHA512
bc48746c3391f68d803ae49b21630273acb5d04d2447ee24d1f0eccae7218edfb266a79145ddf50b818fefd9f1818265ebb69e5c99bb5324e0ea9e6eba867e16
-
SSDEEP
49152:eJWBDlfEr+CvqTByMdTZc6IlaAGcVHKje04:eJ0fEr+mqlyM5IlaADV8e0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource e92089c1bcd9543515ccada144422b83f9f0b39b3fc0762d79d6619138a224cb
Files
-
e92089c1bcd9543515ccada144422b83f9f0b39b3fc0762d79d6619138a224cb.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ulhvadyy Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
zancqolw Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE