Static task
static1
Behavioral task
behavioral1
Sample
c1a8208a8af8fb2ab397e586ea8a7f265921e6f21eb592af42a8f5c805d18557.exe
Resource
win7-20230220-en
General
-
Target
0e17be44ab5949aa7e8c435c724d7fe4.bin
-
Size
517KB
-
MD5
9e31c33d7265ec69704f6bf8e3279518
-
SHA1
5cae480df265561bbf3f1b8bfc55d1c733c252ad
-
SHA256
87ad690dacfe8e2be2c9282c560eabc774b53c364d978236ce4a3f275f0d0fbb
-
SHA512
311cf22b03c9b8b53c77274a6d9e6373cee9836e3bfeffc0afa5adb2cdd9b0a841bd7f9c16e99ed6e1964ac8a60264758255b3d63e2d7ae6d5e48697870fed07
-
SSDEEP
12288:ysIKSjdqCb7TlNAdMluUd02rthgLXuaDHCFk:WKSjdqCb7TweluUW2rtKLeaDiO
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/c1a8208a8af8fb2ab397e586ea8a7f265921e6f21eb592af42a8f5c805d18557.exe
Files
-
0e17be44ab5949aa7e8c435c724d7fe4.bin.zip
Password: infected
-
c1a8208a8af8fb2ab397e586ea8a7f265921e6f21eb592af42a8f5c805d18557.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 584KB - Virtual size: 583KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ