Static task
static1
Behavioral task
behavioral1
Sample
1808-60-0x0000000004D30000-0x0000000004D62000-memory.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1808-60-0x0000000004D30000-0x0000000004D62000-memory.dll
Resource
win10v2004-20230220-en
General
-
Target
1808-60-0x0000000004D30000-0x0000000004D62000-memory.dmp
-
Size
200KB
-
MD5
6d771676149871fb159592623bbb1188
-
SHA1
209bb889d8897526bd8fcb1479cff37654816780
-
SHA256
f18a474641ff4582d2cc091e849403bbf44ea6ae218a73de6df4de5deaf67a22
-
SHA512
2fbe87534386ad57fc2ebd683c4d5d6d15cb2f6d05127052a7f95c3f1986b19e3b205a8d78c61d531feb4f3bbee998ef9dcddebf8837d0daf16b0e2f297e3c78
-
SSDEEP
3072:qBIy0tRjwU6q4mdsTQnWegjEPatvS4WBLjynuBBZCRk1ZUrbvhvFyQpggOzPLYcw:3tBwUN4mLg3tvStBLj4gZnZUZ91pTow
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1808-60-0x0000000004D30000-0x0000000004D62000-memory.dmp
Files
-
1808-60-0x0000000004D30000-0x0000000004D62000-memory.dmp.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorDllMain
Sections
.text Size: 183KB - Virtual size: 182KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ