Behavioral task
behavioral1
Sample
4464-213-0x0000000000400000-0x000000000045F000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4464-213-0x0000000000400000-0x000000000045F000-memory.exe
Resource
win10v2004-20220812-en
General
-
Target
4464-213-0x0000000000400000-0x000000000045F000-memory.dmp
-
Size
380KB
-
MD5
413c20f836493e3d250ec217c63c94b4
-
SHA1
c744204af322dc841e6329f080a37fec3a9ecd3a
-
SHA256
2c2bf9c6902b8423a246f456d51b999455e15b26c128a70bfe4418a8b00629b9
-
SHA512
679010322ebd127a8d30ee4e02681a9956a87b2201dfb800ccf005b893718cc45e4a3e87928bb79b698ba6f5d07f71be0a23dc53359d8f89cb7512b2f37cba2f
-
SSDEEP
3072:Yad5up8lfO9R+rVZxzAskAGbhAzT69ohOP+LmX7b/MxuCwLgNHCDml:fhfTfxUspGbhgT62hO2Lo2HCa
Malware Config
Extracted
systembc
109.205.214.18:443
Signatures
-
Systembc family
Files
-
4464-213-0x0000000000400000-0x000000000045F000-memory.dmp.exe windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 692B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ