Static task
static1
Behavioral task
behavioral1
Sample
2f63ebbdab728b4add526836bbe063788228b48240179035db13f85b9836559d.exe
Resource
win7-20230220-en
General
-
Target
632d0b1d1be228f96b34300b650b2ef7.bin
-
Size
515KB
-
MD5
a0f466690c5c6a399ef1af46982c6034
-
SHA1
df86c60676aee89685d89e0b2a7cadc0e7c2ca17
-
SHA256
f2438fed82945c1600bf03ec36014cc60835c2ab1db4accd556d8254cd82c5f3
-
SHA512
ca07b07184ddbb83b87b48a9fc18f0cae2995d08cfbb206b282be57f544278d6f57e309a0df261dee24138b076e9fd24d4afaad1a52f07a727af209499a52798
-
SSDEEP
12288:c1ge9keDDWEFsgI99i09p580sh+V3j/nGJObLfXqop:AnuDEyziKCg3LGIb6op
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/2f63ebbdab728b4add526836bbe063788228b48240179035db13f85b9836559d.exe
Files
-
632d0b1d1be228f96b34300b650b2ef7.bin.zip
Password: infected
-
2f63ebbdab728b4add526836bbe063788228b48240179035db13f85b9836559d.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 587KB - Virtual size: 586KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 888B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ