Behavioral task
behavioral1
Sample
576-151-0x0000000000400000-0x0000000000406000-memory.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
576-151-0x0000000000400000-0x0000000000406000-memory.exe
Resource
win10v2004-20230221-en
General
-
Target
576-151-0x0000000000400000-0x0000000000406000-memory.dmp
-
Size
24KB
-
MD5
34d9124682ce44f8bb642756965c7060
-
SHA1
f04c55bddd94ac49f2339c269cac2a8f5623a307
-
SHA256
de60e2a33037341aa685cad7b64573feeef692bdfe2d057a8a78da79d479d232
-
SHA512
525cf96a7ac07bad1d0a58a8d15074e03bae47e5beabb0c8f80c0cbbb53d4f6e418acd5ffa423b5a60f3bc06dd1dabc82718324bd639f1d9d0f66a0a11b27ec1
-
SSDEEP
96:viujWjxtYqRQ3ea4W/E/MM4odWLora0Fy/eKW9ZGcp2xFK+gcYOoSM:KujWjlQOa4P/ZbdV6eKxFK+n1M
Malware Config
Extracted
systembc
5.42.95.122:4308
194.87.111.29:4308
Signatures
-
Systembc family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 576-151-0x0000000000400000-0x0000000000406000-memory.dmp
Files
-
576-151-0x0000000000400000-0x0000000000406000-memory.dmp.exe windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 316B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 286B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ