Behavioral task
behavioral1
Sample
1232-135-0x000000000EE00000-0x000000000EE06000-memory.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1232-135-0x000000000EE00000-0x000000000EE06000-memory.exe
Resource
win10v2004-20220812-en
General
-
Target
1232-135-0x000000000EE00000-0x000000000EE06000-memory.dmp
-
Size
24KB
-
MD5
5ad4971a3d088298ea7c9c8628d0ec8e
-
SHA1
6a2026903283d65acb3021dffc045fe7e5bea239
-
SHA256
12ff45a05585d5b7e632215958bf55fbaf6d7d434eb0048b45ace4c01de79201
-
SHA512
ab46bbf23dddaa860a155a6291394bcdda4a934a1780efa8fc37f39ff1581c9bdd0bc0b4db287c77fe2f0c570ee4b315282ac3453f3c28c77974a8a41e5bf457
-
SSDEEP
96:kDo5mP9/6AjBJ4+taheKMFm/MM4odWL4O+ZuBhymmrgIskUlHFNaLzU2FFxgNOM:kPP9/LJ1asQ/Zbdx/rgBLaLrFFx8
Malware Config
Extracted
systembc
210.16.67.250:3000
192.168.1.28:3000
Signatures
-
Systembc family
Files
-
1232-135-0x000000000EE00000-0x000000000EE06000-memory.dmp.exe windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 4KB - Virtual size: 238.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 238.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 238.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 238.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ