Ob�*p�Xd���c��<� V2r��hz)��y&azS�d�2KyvGE,����D���P� �㘔āRe�?�vpS'��� �W�� VRN�Lc�� �ϡX�~=��2�fp{۬1�R�X�W��R�M1%�pu��K�#��[��w�v��s�qex�� GvC���IS��� n��F�ŝn^(Qr*cK깗Ob��~��D�3��t��=<wX��@Z߳-S��:��n|̽:�����ܐ�ν�������w��f��T�U/D�Y��{���$ )b�K��0��<Uӗ3^7p�s0��������N~�X�,�ʓQ�T�&*��8��(�K�����נ�����Dc *n� a��/�U���ۓ�H^������� \�'�J�Ib�8T �+����;9��5��U�����ǮAN ����N�StDH5�� +E�}�<F=x��� E�kOI�hQ�s'���X(�c�~�^$'����Q ���`y�g ��{l4�Vٹ_m\:@O�Erݧ[*i��C�����HHR�K+^�o�1��ݜ!���������4ؘX�+oH"�DגK���Bv������� ܭ��4p��0���Xk�UǞ��-��L�z����A8]�7㑋5�ˍ��-6���v{��$s�"@ddX;�5�m��|ln�͆Y���Џ l�c�mȓ�1���I�=n�(ǥ����+�'wik�O]����RF2�wJd'`�A�����~ g�F�ZS� a�@MY_x�L��o'��y�-�n��h~ld����qJ��E��/��#����G�H��"1j�t6� R�dwL}���C�C��$N��FvyK���Jt�K��+�t���⽱(����{)�,.����̞E%bwA�v&���[tL���sq�����n�zWU�k�·3&_m���[,�A4[az��f^e J�4+�A#�K���Q,F�M�*Gr�*�ԙ�{v��>K�%�9PC%:��y��z��b#�/�rC {�$g`z�6�3��S0��)Z�㵴� ���E�X]��u�`+-g��"�j�1K�Eٺ � �ɟ�*n�B]�c��S�B����l����pz�V���+ X� }�~�Ul��.��E�6)��DwA�F=�����x�y7�*O��P�h��uC>��&;�Ll/Y����2�����3�V~ ՚�"A�q����+.x�@��jp.��8 �<�͡F%$��'����0�'�LTG�a79+Jϛb75����=y���_$�D�����欌���y�ܽ+`���6�K>�5��r�����5�%��~-L���CY��2�if&��[��k>���|TX�松DG[|"� �X����4���F����^ݗ�]�9���p��u��������(���z�)a��5?u�;�z�w��WS��>��K;����^H����9�?M�O��Sͺ�T>�)��DF ����kcx����L�L�$��b�Ph#��!<Z��l �/p1��ag�]�LhFք�gc/�$��q!��,�i���'x��-��r������Y��Ҁ��/$K�3렽M$������M�"��V� EP����#-�h�|� ] ��N�#pۇ�"�w��/X������k �p��S�%���7W��2�~E��hI��$ ��<�]�>���,�U������e(�)�pƴ${�jr� ��*��M����\QA�J�9T~0�PB���v�(^d^<��=ZݞƄ�WE��6g�%�Ѽ�L�����E��I��+���'�;��+|m@�G�$y�̨3����T���k�c Z�lcb���(Jw[�� ڔ�I��"ou�3v��a��J�����q�����͖۔�ѡ?�+h+�rH�F*'N�2<�^��`�{MA$e#6��BM|���X��г�r.8|�B���gIs��p��2�� ������/.}�ϸ��:�"Ӊe���ڞ�u�냼�E��}(v8�Ӧ_Kmn?JD��F��d�O]*b�*�<����dD[*A"��Z���Ϋ���UB�}�ڱcoa5��﨡/�xzS��#jBK+����!��i�T��W��q��e��Vx�A%���1���X ���\G�j�+GiNp%&C��������3�d<``�����YgP ,�,w�1�r@��M͜�l���I��w��1�s�#�|`�x�? ����Uo��w���2/l%�L&�+�W��T��7z^gV�w��X�I���1�<xmy��|o���<,Q�2�x����n����*] ���4��`��j�`�:f�.E/��F�`'�����u s'����Asęv�r7O�pm]v3w�'�m2��l�f��`Ќ�6� *�*�2+��z��ʼ�dּ�p������_EFe���~D=���x\i������Z������+S�(������H��}n'E�����O���\r��!3�|�Yj��#,�MGG]D�j�y�+z�4���=�8��k���%�º�"�}�ʴ9 ��O��c�q�%./Mi����}W�ެ�ݰ�2 �L���n&|��i_9���*oIJ��ؾ���Q���ҟ��P ����@ڠev۱�W֪B���a�K�λn*��$c��)�۷��\*v��_�Y�x<�7ح ��W�=�5��\#b�_e� |b*�<�_r��4�θ|���@M@�i �2�Epc�j�>MHZk��� �l~nǴ���ܐ8_��>���o����V���p4j���7��m֧o����wh�y.��QSxn20}�K�w�H`��:�h �ͳK�ؘ���I ���;,�k5�DS�p$������6b� �p �8�$��8F��Rr�H�!���QO�E�Rּ� ������<�-���{JT�<�@���M;�W�cgH�FC���P������ �����6T!чߔ%��8<o��M�ؙ�G��e��D����S����/"�\)���B��Ȣ9!�>������B�خ����u�u]0�h���t��`�!#$���a�̏1�[T?{_�Z��!�������q��ML�U{���%��E�|���d|�e*v���� *�/�g��o\)�ܷ>n���0�鎭��V����[�o�ԗ�i��� mq݂3M�s�m糎�]5v�W�:<o�,
Static task
static1
Behavioral task
behavioral1
Sample
048802231eccee2a6db341d1a4e92b2b1671eb287da215ad35fcf2bad70fa700.exe
Resource
win10v2004-20240508-en
General
-
Target
048802231eccee2a6db341d1a4e92b2b1671eb287da215ad35fcf2bad70fa700
-
Size
2.4MB
-
MD5
58972b34ce77f8d7bbaa3f5b5344db20
-
SHA1
a3dc18dbe5abb0fffe62427366ff5f52e16a28a7
-
SHA256
048802231eccee2a6db341d1a4e92b2b1671eb287da215ad35fcf2bad70fa700
-
SHA512
4539e1723d3595faa2d53488623d33cd94d06ece1503e9359dabaa7fb6184cc63717f5d8d25ada897603ee40381ab881789b793776fab97b8f8c619cd2da133e
-
SSDEEP
49152:xe/sgWc1/Ae5JRanw2xCrrkOzWmwwtxVqsSZL6+QbGpNwOxlZ2cRDvZQDEJ7Yr6Q:E/sgdIe5J72sk4wwPIgk++72cpn9Y
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 048802231eccee2a6db341d1a4e92b2b1671eb287da215ad35fcf2bad70fa700
Files
-
048802231eccee2a6db341d1a4e92b2b1671eb287da215ad35fcf2bad70fa700.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Exports
Exports
Sections
Size: 41KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 16KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 1024B - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 8KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 202KB - Virtual size: 7.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE