Static task
static1
Behavioral task
behavioral1
Sample
Herbal Document.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Herbal Document.exe
Resource
win10v2004-20220812-en
General
-
Target
Herbal Document.zip
-
Size
767KB
-
MD5
f7f788c4ad8f56dc3feaabad4d780a01
-
SHA1
a3a105cb93de7edd6d6b6b38c69115fb38cfbd62
-
SHA256
d3d6146aa595256265683e2a02bc1a692052f9d7a9f54283bac39195058e4b73
-
SHA512
72068aa566776af5e68e0a50e3eed9cf573641810f05f4d9252947d7973257527b63b4f1eab6f8302053489054a22543c8645f046a86df7f253c538f124fe3f6
-
SSDEEP
12288:uxzRn3WwsRnwxal0EuDWiXbgHtZvPmP+8/L3iU3t4ggDbDq0Oyu/8AZ739AcY5vN:3jRwxaiDiPXt8/L93t4Rbe0c8AZDyco1
Malware Config
Signatures
Files
-
Herbal Document.zip.zip
-
Herbal Document.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 902KB - Virtual size: 902KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ