Static task
static1
Behavioral task
behavioral1
Sample
25c432720e7e86454a3156b83a485e94fcea7ae77f791a0c0d5810e5ab72ebea.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
25c432720e7e86454a3156b83a485e94fcea7ae77f791a0c0d5810e5ab72ebea.exe
Resource
win10v2004-20230220-en
General
-
Target
0ace70c2bc94f4ca950dcb66753293fe.bin
-
Size
571KB
-
MD5
f43149126a3e0434c428ebe61e849e18
-
SHA1
b53577476c949a5300fc31353fbcc0dff5cd85ed
-
SHA256
673c01c7260c2358bd240b9e7955960d8df9cebcb918424a18314f3915903718
-
SHA512
bbb9757b681e6ba12e8fbc22224c7d48607f9e38a6de24e7372a8d7e09a74156c65c493bc101a189f526f5e154b91ce24b028340f967c4efa18a038e609afbaf
-
SSDEEP
12288:V4b2aos3C50GFGGVA+cYKtY3vYKP0IuGVpaaZGgoV4:NaosydFGGVA+5GY3wk0Iu0p5Z5O4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/25c432720e7e86454a3156b83a485e94fcea7ae77f791a0c0d5810e5ab72ebea.exe
Files
-
0ace70c2bc94f4ca950dcb66753293fe.bin.zip
Password: infected
-
25c432720e7e86454a3156b83a485e94fcea7ae77f791a0c0d5810e5ab72ebea.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 673KB - Virtual size: 672KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ