Static task
static1
Behavioral task
behavioral1
Sample
PI.exe
Resource
win7-20220414-en
General
-
Target
d8be3f297aceb857e37b549d663ee8aa
-
Size
899KB
-
MD5
d8be3f297aceb857e37b549d663ee8aa
-
SHA1
c9f3f94af97f40a394c521b6cc9e1f9a24ef6ae1
-
SHA256
a322ef4b27c39078de477c49c419953650d2182e62c4d65f8d56db3e66f64d91
-
SHA512
7398a4fb59d723accedeeddf42a5ee0d285effd8426be708cfbe1ad83b4d75c1cc179d6dede61aafc7a74ca1c3ad1251c4d9e5314f3b84836603c8ee50317d8f
-
SSDEEP
24576:kCNIh0CrYGmn8+T009vp6g+tHWaIeTFbhQLVZ:SQGmH00E2aIAbG
Malware Config
Signatures
-
resource yara_rule sample dropper_html
Files
-
d8be3f297aceb857e37b549d663ee8aa.eml
-
PI.r01.rar
-
PI.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 694KB - Virtual size: 693KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
email-html-1.txt.html