Behavioral task
behavioral1
Sample
23848c44109aacce3d6f568cc946d2cf0f397b3689c805277805ad3c3cb2f482.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
23848c44109aacce3d6f568cc946d2cf0f397b3689c805277805ad3c3cb2f482.exe
Resource
win10v2004-20220721-en
General
Target
23848c44109aacce3d6f568cc946d2cf0f397b3689c805277805ad3c3cb2f482
Size
956KB
MD5
876d307bf60d887e79cccee870060fe8
SHA1
1ae009f9ca40776ae92003d160dc7daf5d4e921c
SHA256
23848c44109aacce3d6f568cc946d2cf0f397b3689c805277805ad3c3cb2f482
SHA512
7d6980de2978af997e617e666852d9e521799107ad4ad39b97d73f0be166a4578b6043ed94e66f6bfc7e8270fb402a10dc57b30b9abe5603abad9a4b031f68f9
SSDEEP
12288:vdaEjUTzZd5sWgI+jeGch07WNh8jpZncYhPBDRiy6NGv5vkEQAnLHomsMOCVa:vdaEjUTeeGxYhUpZnc/0BkEF
Malware Config
Extracted
bandook
ercuc.com
Signatures
Files
23848c44109aacce3d6f568cc946d2cf0f397b3689c805277805ad3c3cb2f482.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 576KB - Virtual size: 576KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
UPX1 Size: 236KB - Virtual size: 236KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE