Static task
static1
Behavioral task
behavioral1
Sample
slation.exe
Resource
win7-20230220-es
Behavioral task
behavioral2
Sample
slation.exe
Resource
win10v2004-20230220-es
General
-
Target
slation.exe
-
Size
973KB
-
MD5
bd81e613125510f0c87d075fe6989f70
-
SHA1
dd911d8d8e528b2114048816114f38e3481c9cec
-
SHA256
6eaa607f8d798f0ad20c218bf99e6622d459ba4d9e477d23fc9bc5d1d8bfef9a
-
SHA512
b6c3a88652aac1790a6a453b66fb07f00a6267a045009fca856f1b01e6fa281affa6e1761fd9e409892ece605936c933ee44cf4ec81c18fb294d5b65bd641104
-
SSDEEP
12288:xkwGxdYxSbGdHABLqc+pHmWBeMk9STzQZ9FUjJrObUZKMiY8v+2BDL54UFrE:xbddgBmc+B/kiy273RArE
Malware Config
Signatures
Files
-
slation.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 904KB - Virtual size: 903KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ