MDE_File_Sample_0a[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

1

Setup.exe

windows7-x64

Setup.exe

windows10-2004-x64

langs/English.ini

windows7-x64

1

langs/English.ini

windows10-2004-x64

1

Resubmissions

20-02-2023 05:44

230220-gflzlahc6w 10

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Setup.exe

Resource

win7-20221111-en

raccoon ae72a9288d2ce774d14ddadddb8258c1 stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Setup.exe

Resource

win10v2004-20220812-en

raccoon ae72a9288d2ce774d14ddadddb8258c1 stealer

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

langs/English.ini

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

langs/English.ini

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

MDE_File_Sample_0a.zip
Size

1.4MB
MD5

969c76c606bd18792bc2acb3944d76c1
SHA1

9df39202fdb533508c51b9efcc3eb169a10d8c1b
SHA256

b297a76de5182907a69a878cf161ca65b274152eb92a9d9591248ac4f5494dcf
SHA512

6100009f7fc88bc22e7be41bbdc3fc8b1a4ba24fbe59abbe84646c5f2eafb84aab6cfbbfa3e4d199e308660f4dd35be3fc01afaeb70a61c4d823b044d37a3ac3
SSDEEP

24576:+hBNa4T6AUdB9fPGMmEOtIX8OxJNzmtXdBJTJyyZwn8cMV0VGkK122VNei2j5cne:+vBUf9TmEOtwFNSnBryyOnCyVGkK1f2b

Score

1^/10

Malware Config

Signatures

Files

MDE_File_Sample_0a.zip
.zip

Password: infected
Setup.zip
.zip

Password: infected
Setup.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 936KB - Virtual size: 935KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
langs/Croatian.ini
langs/Danish.ini
langs/English.ini
langs/Finnish.ini
langs/Hebrew.ini
langs/Hungarian.ini
.ps1
langs/Indonesian.ini
langs/Japanese.ini
langs/Kazakh.ini
langs/Korean.ini
.ps1
langs/Kurdish.ini
langs/Norwegian.ini
langs/SimpChinese.ini
langs/Sinhala.ini
langs/Slovak.ini
langs/Swedish.ini
langs/Thai.ini
langs/TradChinese.ini
langs/Ukrainian.ini
langs/UyghurLatin.ini
langs/Uzbek.ini
langs/Vietnamese.ini

© 2018-2024

Terms | Privacy