Static task
static1
Behavioral task
behavioral1
Sample
36b8ffd1ce553c07824f1cfd0597d7c2c483396fc9872910c684b68462c846c8.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
36b8ffd1ce553c07824f1cfd0597d7c2c483396fc9872910c684b68462c846c8.exe
Resource
win10v2004-20220812-en
General
-
Target
36b8ffd1ce553c07824f1cfd0597d7c2c483396fc9872910c684b68462c846c8
-
Size
393KB
-
MD5
6ad94ce6af8bb44d3e2a61093069e53a
-
SHA1
b20717e718355d078f86ce2a2fbe8bae8051e51e
-
SHA256
36b8ffd1ce553c07824f1cfd0597d7c2c483396fc9872910c684b68462c846c8
-
SHA512
dbe80225f2c83b375a8f6343b7d1ac35491c6134a36fa6ceabc6201c8e0c82c862fa35bf9da2e2b2ab919b0b8fe96286a6729ff61f2006b9d3c1247f2fc950bf
-
SSDEEP
12288:ClnaENFrl0QnjvyUh6D4k7C1oqJW1t1zK:CxaENB/jvye6D4iC1v8Q
Malware Config
Signatures
Files
-
36b8ffd1ce553c07824f1cfd0597d7c2c483396fc9872910c684b68462c846c8.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
29:b9:79:80:af:91:6f:ab:41:36:5f:d6:c3:fe:6c:beCertificate
IssuerCN=NIKOLAS\\AnonNot Before02-05-2014 04:42Not After02-05-2015 10:42SubjectCN=NIKOLAS\\Anon21:ee:24:cc:11:ed:53:3a:8e:98:a4:4d:35:5e:d7:8f:7c:ff:01:82Signer
Actual PE Digest21:ee:24:cc:11:ed:53:3a:8e:98:a4:4d:35:5e:d7:8f:7c:ff:01:82Digest Algorithmsha1PE Digest MatchestrueSignature Validations
TrustedfalseVerification
Signing CertificateCN=NIKOLAS\\Anon17-11-2022 13:15 Valid: false
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 390KB - Virtual size: 389KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ