Static task
static1
Behavioral task
behavioral1
Sample
486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96.exe
Resource
win10v2004-20240508-en
General
-
Target
486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96
-
Size
1.8MB
-
MD5
a7323bcf0df71286fa3156cefb8e3049
-
SHA1
e9dd309d06cd5f9bff60fc4dc914fe9672193c61
-
SHA256
486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96
-
SHA512
9143e73a9ccc52305c8c43a0397f8f47caeaf8a1953a96cf962890bf9757b5a9bb03e3b169612f8e7011757d20698662ae3f18a375c6baf380c792c4e27e6ae1
-
SSDEEP
49152:QoUMXNA6rEDrof7gzSdeRmeyC/0H9+q3uEoq:QpMXNA6oIeSiJyECH3Qq
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96
Files
-
486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wcjrprme Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
aczpyjwy Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE