Behavioral task
behavioral1
Sample
3204-378-0x0000000000400000-0x0000000000457000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
3204-378-0x0000000000400000-0x0000000000457000-memory.exe
Resource
win10v2004-20220812-en
General
-
Target
3204-378-0x0000000000400000-0x0000000000457000-memory.dmp
-
Size
348KB
-
MD5
20d3d128344c5951233f25f8ed8b7082
-
SHA1
647daa907b7820ec0561b6d61e82751dc313ca49
-
SHA256
57eb4981e0fd20c8b5ca959387b836f3ee8f03386b5d382654eeaefd6bbb74dc
-
SHA512
c75748b696448e31a190ed8d0f41aa430bfc8d0b78bf69fad01d288452a8d616b3e830231de03a3e45b472344c9c9834fb9df6aa444d1abf2732be01e255981a
-
SSDEEP
6144:fh0LLcVcwMbfDjZArmiGT0AO5ldf4knigabwVfs:qXcCwcfDlAL1AO5lBiB
Malware Config
Extracted
systembc
141.98.82.229:4001
Signatures
-
Systembc family
Files
-
3204-378-0x0000000000400000-0x0000000000457000-memory.dmp.exe windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 692B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ