Static task
static1
Behavioral task
behavioral1
Sample
PI.exe
Resource
win7-20230220-en
General
-
Target
PI.rar
-
Size
646KB
-
MD5
abca758df173419c3a31ec19bfbea8ad
-
SHA1
105fbf3da6219f4a3badbb8c1776b7fa3f29da28
-
SHA256
f23640716e9b48d455771758fa9dc339dfb50e2a4b75d05191b60c93998cc105
-
SHA512
7af04c5a99374c3be8cbfc838979081216d0aa7c808645def86315fc2095cc88312a78bbfa32dfd52d4fc1b436cda792135524410b99821402f74c69cdfdca1e
-
SSDEEP
12288:PABUV1UqpZg+ec4+1nJfbnMwQaDoOiWTy2+qXXDrcxuYBe+gE:PcUHU+g+B4+VJLqMIqXXcxuHE
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/PI.exe
Files
-
PI.rar.rar
-
PI.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 771KB - Virtual size: 770KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ