Static task
static1
General
-
Target
a864282fea5a536510ae86c77ce46f7827687783628e4f2ceb5bf2c41b8cd3c6.zip
-
Size
439KB
-
MD5
47bf6fda4bd2a0247775f2d1c5e28a08
-
SHA1
2cb8b84d88cc32d14794bb57cd82f80fed031055
-
SHA256
6ef43e47bb150d17f47308b33092320dce0b2ca97b0b75b39ae3bb755b969df7
-
SHA512
45052bae911ab6961f0df8d0c122401d3ac2185b46fd7fe11433cc0014fcbebec8095fc084e3e107f1109c0734837c0d3bfbc610aeb5fc2e9582683951151edc
-
SSDEEP
12288:d0Dc4LiS1S/H7remQSjvQA+u7tVp2WlBJBf/b8YeM:duzSjvQqLFJBrXeM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/fury_ctm1042.bin
Files
-
a864282fea5a536510ae86c77ce46f7827687783628e4f2ceb5bf2c41b8cd3c6.zip.zip
Password: infected
-
fury_ctm1042.bin.exe windows x64
f6da1794eea7809ac5969477dbb4fa70
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
CryptAcquireContextA
CryptGenRandom
kernel32
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileAttributesA
GetHandleInformation
GetLastError
GetModuleFileNameW
GetProcessAffinityMask
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
msvcrt
__C_specific_handler
__dllonexit
__doserrno
__getmainargs
__initenv
__iob_func
__lconv_init
__pioinfo
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_exit
_filelengthi64
_fileno
_findclose
_findfirst64
_fmode
_fullpath
_initterm
_lock
_lseeki64
_onexit
_setjmp
_stat64
_ultoa
_unlock
_write
abort
acos
calloc
exit
fclose
fflush
fgetpos
fopen
fprintf
fread
free
frexp
fseek
fsetpos
ftell
fwprintf
fwrite
malloc
memcmp
memcpy
memmove
memset
printf
puts
raise
rand
realloc
rename
signal
sprintf
srand
strcat
strcmp
strcpy
strerror
strlen
strncmp
strncpy
system
vfprintf
wcscpy
_time64
_snwprintf
_findnext64
longjmp
_strdup
_getcwd
_chdir
user32
MessageBoxW
Sections
.text Size: 298KB - Virtual size: 297KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 62KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 33KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
/4 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/19 Size: 508KB - Virtual size: 508KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/31 Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/45 Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/57 Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/70 Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/81 Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/92 Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ