Static task
static1
Behavioral task
behavioral1
Sample
15e26094676227ed93d5968badafe6f33ac17f77b9e91ef7ef86ee82d5a07821.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
15e26094676227ed93d5968badafe6f33ac17f77b9e91ef7ef86ee82d5a07821.exe
Resource
win10v2004-20230220-en
General
-
Target
056deb6ec10027d86888638b8b2247b8.bin
-
Size
365KB
-
MD5
b1f7229d850402e18500f2c08aae08ac
-
SHA1
951da5f1909f5dc4748d1128e85e695a72046ca9
-
SHA256
ed7707860347ea07199de6d5fb4e25d6c7e059cf8b21e4b02d19a1db9a864569
-
SHA512
89f0f8cadc9a8f1c90ce31f313706289b6c07b7439d8de6ef5c7c0c1ce5c40addd4bcf07c2f629fb85d30ae609d0fd78fb94cdd6767231b53a3694752e915dd0
-
SSDEEP
6144:CwFQJNAQHwLaQnC1A0Roky9kL+xsxR1Qk7ej5kTqpOEBwXFx1CrPfDdWSnhRz5M/:AJLmaQC1A0pyls3v7esqp7WXv1CTfDd+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/15e26094676227ed93d5968badafe6f33ac17f77b9e91ef7ef86ee82d5a07821.exe
Files
-
056deb6ec10027d86888638b8b2247b8.bin.zip
Password: infected
-
15e26094676227ed93d5968badafe6f33ac17f77b9e91ef7ef86ee82d5a07821.exe.exe windows x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 558KB - Virtual size: 557KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ