surtr | f569484d61c302401d2368222ab9bc61e80acaf023b0820f24c787dd5f507c00[.]exe | Triage

Resubmissions

21-07-2022 15:39

220721-s3nmgsgdg5 10

28-03-2022 05:17

220328-fypb1agdd4 1

Sharing

General

Target

f569484d61c302401d2368222ab9bc61e80acaf023b0820f24c787dd5f507c00.exe
Size

1.0MB
MD5

fdd350ad598545e4a93118784f331943
SHA1

e75abfcfa0c37ec4a7dd673952e93482f467e7f1
SHA256

f569484d61c302401d2368222ab9bc61e80acaf023b0820f24c787dd5f507c00
SHA512

0a4578269a7ac8bdd748b9e15e019f6fe92d5ddf7318314d0c5e2b50be00c16632aefa7c6701f0bf9be20e71378e4b5c40a7bafc77159e5ba792dc99738df931
SSDEEP

24576:8pBzKGHF0bxTCFvXwKd/aISpu4Qc6F3v1HT2BzN2tgGS3YzYhoOTa2KN:8pV4xTCQu4Qc6/F8lT7KN

Score

10^/10

surtr

Malware Config

Signatures

Detects Surtr Payload 1 IoCs

Processes:

resource	yara_rule
sample	family_surtr

Surtr family
surtr

Files

f569484d61c302401d2368222ab9bc61e80acaf023b0820f24c787dd5f507c00.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 921KB - Virtual size: 921KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ