Static task
static1
Behavioral task
behavioral1
Sample
8e2b4ef3690596ac262df39667fbc2c9cdd5870a1215fd43e1075261a5dfc529.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
8e2b4ef3690596ac262df39667fbc2c9cdd5870a1215fd43e1075261a5dfc529.exe
Resource
win10v2004-20230220-en
General
-
Target
4a2fb0d3859d4fb7cb6c97e0a6817584.bin
-
Size
495KB
-
MD5
6d5cd98af2c205d803f5a007487284b0
-
SHA1
1fb8fb8b220d6fe2b898da1b657ccc569e098303
-
SHA256
8455a8ad99ebd036eb3fd9400a01ac3c4709392e50762bd0ae777015b24dd9e6
-
SHA512
0d62ee3ab29634df7603d9719a7524bc6bb38d27cf41bd001e7ee381e4fb243b48e58e23000fed8cce3b01cc279685b0f61676a6549f7c2ad6e3ec6ddc43e549
-
SSDEEP
12288:aY5FbdAjBMpHhrK0KTYjwak8no912pYF2z5vSB/M87jUI:B5FBv5rKkEak8no9oD9v4ME
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/8e2b4ef3690596ac262df39667fbc2c9cdd5870a1215fd43e1075261a5dfc529.exe
Files
-
4a2fb0d3859d4fb7cb6c97e0a6817584.bin.zip
Password: infected
-
8e2b4ef3690596ac262df39667fbc2c9cdd5870a1215fd43e1075261a5dfc529.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 688KB - Virtual size: 687KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ