Behavioral task
behavioral1
Sample
1228-57-0x0000000000400000-0x0000000000894000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1228-57-0x0000000000400000-0x0000000000894000-memory.exe
Resource
win10v2004-20220812-en
General
-
Target
1228-57-0x0000000000400000-0x0000000000894000-memory.dmp
-
Size
4.6MB
-
MD5
daeff0773c3af84d639a2947aacacab2
-
SHA1
126e895ebec5099c50f831930b011ecc5e57121a
-
SHA256
c87b35ebd57df9e3247bda52905b9285397fa8081f5ebd14fcca15392e33ffa5
-
SHA512
ba223bc4853187a5fccff0d06d5a14f748808dfbdee5be0a0c45b0b79d205bb925d4d019e1426fddd0eeae8c5abaa8268815776c31aa94f8c157e64a5cfffb2f
-
SSDEEP
98304:eLQKoEs8zv1sq5hAcVWju7fD5DBXtfCs6BJ+dM+/dhGKoaei:eHJv1sqAc0ju7D5DZt6s6mdM+lp/3
Malware Config
Extracted
systembc
n20b28tu.info:4248
n20b28tu88.info:4248
Signatures
-
Systembc family
Files
-
1228-57-0x0000000000400000-0x0000000000894000-memory.dmp.exe windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 5KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
F���5�� Size: 4013.6MB - Virtual size: 1017.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hafbgvup Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vpqllwfa Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE