Static task
static1
Behavioral task
behavioral1
Sample
NisSrv.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
NisSrv.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
circular_29092022.pdf
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
circular_29092022.pdf
Resource
win10v2004-20220901-en
Behavioral task
behavioral5
Sample
circular_29092022.pdf.lnk
Resource
win7-20220901-en
General
-
Target
circular_29092022.iso
-
Size
768KB
-
MD5
b5bdf09f5f778b14f1eb4bb5a77209b6
-
SHA1
eca3b1d788a473c8336d8c5a9719bfb74ae01d38
-
SHA256
cd592c969a3a940e43888a1902ec9e4605ed28676d3945ab84d72175fbc87253
-
SHA512
f5ac111382f8e177bef7adb46cde3cbd942242b13265bcf465386abd97d670f0cf1b519df7b624ebae6ac5d200d7a2f8f954e9a35487cf36a0a5cab3e4d4e654
-
SSDEEP
12288:1QeS5W5CtoNFZj4QySHYca0UjzVDFKH3ox5y3:1QeScotGj4Q3a0U/VDFKXa58
Malware Config
Signatures
Files
-
circular_29092022.iso.iso
-
NisSrv.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 476KB - Virtual size: 475KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
circular_29092022.pdf.pdf
-
circular_29092022.pdf.lnk.lnk