Static task
static1
Behavioral task
behavioral1
Sample
Import_GAMCX027710SYD_19MAY.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Import_GAMCX027710SYD_19MAY.exe
Resource
win10v2004-20220414-en
General
-
Target
591f77dc27721728387a331a1eee0c84304424ac303e826574713b787ad12c9b
-
Size
414KB
-
MD5
0bace00369318bea3ad5a7d3119ce2d7
-
SHA1
179fb41d445ed82b005ee970549bb833813894b9
-
SHA256
591f77dc27721728387a331a1eee0c84304424ac303e826574713b787ad12c9b
-
SHA512
ee4528226a9277ba9616442b22cf4fa048236bdbd95da7714c677461bf7410e21c14fc2430cb7c4321d93f746295b988fe5c84f8bba844f3d0a4316a44777274
-
SSDEEP
12288:yafeQYoXbveGdIGnr50PMoyIJRfTrPJMCC:yajYorvFJ0EE3/Ju
Malware Config
Signatures
-
CoreCCC Packer 1 IoCs
Detects CoreCCC packer used to load .NET malware.
Processes:
resource yara_rule static1/unpack001/Import_GAMCX027710SYD_19MAY.exe coreccc
Files
-
591f77dc27721728387a331a1eee0c84304424ac303e826574713b787ad12c9b.zip
-
Import_GAMCX027710SYD_19MAY.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 472KB - Virtual size: 471KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ