Static task
static1
Behavioral task
behavioral1
Sample
mpa.exe
Resource
win7-20220414-en
General
-
Target
mpa.exe
-
Size
260KB
-
MD5
44a6829e3ee6c5d98fccde99b502f7e2
-
SHA1
a64dce6694fc716860a52b367317efc095e46756
-
SHA256
6b80459293e1eae78fa4efafbc8ddae1fb2bdb73c35c0b1880fdb65d80a49114
-
SHA512
94a51cc57016387bc64107f4b159dd9bfb588fca597bbec9137e94ef832e2a1471a742bd20de3405f2c9cdf4b3b7436ac6889295ba424d678236232d148c26cd
-
SSDEEP
3072:6SkA1Chkup1T3bnAhwg7xXn5CJdQ9o/jZVk85Z76f4ca/+BPWAAzxMyvLdNbQ:WPTUuKp+Q9sj/k859k4D/+B6xbQ
Malware Config
Signatures
Files
-
mpa.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 220KB - Virtual size: 219KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ