Static task
static1
Behavioral task
behavioral1
Sample
Pre-arrivals bunker call.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Pre-arrivals bunker call.exe
Resource
win10v2004-20230220-en
General
-
Target
Pre-arrivals bunker call.exe
-
Size
765KB
-
MD5
fc7c0c7d812eeb6a67474d47af711c0a
-
SHA1
6ad329dc31dd021fce55f445b09ca7c26c731a1d
-
SHA256
5aeac4f6bc3f67763868803e6f4ed041dd0239d05a767075191f31fad97d30ab
-
SHA512
d3a375bd4e2339865b01a8e3636b3b6389a7144b84e0de85fd4886cecc9706da8c207f8da9e686ffeb430d4a37a55a47304c8f5f83655b18c3029c8f9f60aa9e
-
SSDEEP
12288:M2WtEIgNnwGFrlEhSdXfIlj0c7E8YTxh00gfLbCRYwrWAOROP:MPQw8KhGI0cYnT/PgfLbCIk
Malware Config
Signatures
Files
-
Pre-arrivals bunker call.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 763KB - Virtual size: 762KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ