Static task
static1
General
Target: No2-5b9fcd35-bff7-4942-a11f-3899cb11a842.tmp.0.dr.zip
Size: 11KB
MD5: 9a85c849855a86bd27409563fff83186
SHA1: c655048ab9bd706e6a5fafdd9c61c94072a25901
SHA256: c0b1ff4985163af826630444a821a7b8b3cf15fd72fd408d7601ba0d500df3f6
SHA512: 305e88990d74814e1d2100dfdd664f9d35276b5ef8e3bc77f0f5d2f626fc4b4da8f16db8e9273ea94725c158779a0b3862386c9eaa02dacd0cc3b77cdb17a41d
SSDEEP: 192:m4JYBSCfnoJISSXUKTmZ9RPyRdM6m6frdt7kvKYPwQgiiLwGJj:PJYgSTUKTgPyRGd4Rp0DPtsdJj
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource unpack001/5b9fcd35-bff7-4942-a11f-3899cb11a842.tmp.0.dr
Files
No2-5b9fcd35-bff7-4942-a11f-3899cb11a842.tmp.0.dr.zip.zip (Password: infected)
5b9fcd35-bff7-4942-a11f-3899cb11a842.tmp.0.dr.exe windows x64 (Password: infected)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 244KB - Virtual size: 631KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.symtab Size: 512B - Virtual size: 4B
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ