Static task: static1
Behavioral task: behavioral1
Sample: 8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.zip
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.zip
Resource: win10v2004-20230220-en
Behavioral task: behavioral3
Sample: 8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.exe
Resource: win7-20230220-en
General
Target: 8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.zip
Size: 1.5MB
MD5: 7b15f3eb937573c54015a69e734b64e4
SHA1: 0725768f30a75e250ed0bbe43c0dbdb36e02d995
SHA256: aea877c9675127df11c8c027d4da31c73a58c8021bd75902dcd01dd924dbf875
SHA512: 4278f65bbc5926bdd34055b5cb8b0bf15fef2ee97b80e346e8e3d2e8831b4de1f5b89f965ff5e3ee9d7513fcb8d0511e3b89639ea55cfac19c7b260a3c590073
SSDEEP: 24576:C/SZ/KQPp42OACgNDJvckPeRAXPNSCreaMbfpUm76F+VOGj3x8dV5UHnZerNoMeD:C/SZyQBkA7DJvckOkVSdBfpfxwtLKHnx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.exe
Files
8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.zip.zip
Password: infected
8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.exe.exe windows x86
Password: Infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ