Behavioral task
behavioral1
Sample
7641ae596b53c5de724101bd6df35c999c9616d93503bce0ffd30b1c0d041e3b.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
7641ae596b53c5de724101bd6df35c999c9616d93503bce0ffd30b1c0d041e3b.exe
Resource
win10v2004-20220721-en
General
Target
7781606153.zip
Size
58KB
MD5
73598870bebd93ec86217316d7474f1d
SHA1
8089921a58dd01fb4e48ed38fa9892ada27621ee
SHA256
930dbb052257158db826eba84a4b06a26471ff1fd9428517b109bd39ecdbf9dd
SHA512
b01bda77ebaf0d4b0b693140aa0e9aa4c7d1c5e43751d410a2b136d31db488409603d20bca372043eb645a6ec08e6e18e4a00ab51379a6acb5dba26b58c01e55
SSDEEP
1536:vAu1vCYb1xaxq/Hoo2sUBvpF92Cgh+ngBS+N0hO9:bvp5cxq5UBp1g6gB
Malware Config
Extracted
metastealer
http://transfer.sh/get/qT523D/Wlniornez_Dablvtrq.bmp
Signatures
Metastealer family
Files
7781606153.zip.zip
Password: infected
7641ae596b53c5de724101bd6df35c999c9616d93503bce0ffd30b1c0d041e3b.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 133KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ