Behavioral task: behavioral1
Sample: 82a5d382c3b4fe2e17f09af36df20f1e53bb8b712ca6f7af9a15861b38f91f24.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: 82a5d382c3b4fe2e17f09af36df20f1e53bb8b712ca6f7af9a15861b38f91f24.exe
Resource: win10v2004-20230220-en

General
Target: fe2457d4da43adde492576a91398086e.bin
Size: 2.7MB
MD5: b16f99ba4ab2ca385069272be7dc1713
SHA1: 84d0ed143471c294a815304edf740163e67983c2
SHA256: 2289996f4a35a9b01273ba095e1df0802759f84fc4e3041c3a18591af9372c4f
SHA512: 276b3b6f784488568a37d660c4530d6550a5bdaa7fd8251d75fecd38840e1718ee19b8682545ec6d34b8920c9b83565f9965dc00fbbd9caa8a12cb63a0780044
SSDEEP: 49152:zx4axTMWvYzO1MNUCziH5UItbG5o7VpriLks5C/ZaTohcS6jlooSUJA5dRhDQa7o:zaaxLeOONUCzOyM+o7DmLD4U3S0J6RhM
Malware Config
Signatures
Laplas family
Files
fe2457d4da43adde492576a91398086e.bin.zip
Password: infected
82a5d382c3b4fe2e17f09af36df20f1e53bb8b712ca6f7af9a15861b38f91f24.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 8.6MB - Virtual size: 8.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ