Static task
static1
Behavioral task
behavioral1
Sample
MegrendelƩs_(P.O_5029063)_FANUC.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
MegrendelƩs_(P.O_5029063)_FANUC.exe
Resource
win10v2004-20230220-en
General
-
Target
1839d60cf892ae968e59ad532281b0fe.bin
-
Size
19KB
-
MD5
0eb18ccef491864125c6aef9a0b37486
-
SHA1
b44c0d6b9e392e59513c6d34d62c8fca1b211640
-
SHA256
522c136a5648148e12e1178ebae504cd81cb6e95e79d16f6a0ef77c051e57ddf
-
SHA512
592e5a919001039a7701a488b5b7d28130f693e925efda13e48021fa9f4ff7dc0fb1ae836857f20d374c0107c7be2a12166b6924b2966ce6545afb0d3a88d440
-
SSDEEP
384:Boj7+kH/5m9W55WlKBgsSgRSh5WLTFhBYEuhNCtHxznq9kGnDWz:Q7PHND1EhEFhbgyxz0Dg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack004/MegrendelƩs_(P.O_5029063)_FANUC.exe
Files
-
1839d60cf892ae968e59ad532281b0fe.bin.zip
Password: infected
-
380265b82ef7a370c15289a465dd7e7ea094448ab20a0be51656ff676bbae616.zip.zip
Password: infected
-
Megrendelī¾s_(P.O_5029063)_FANUC.zip.zip
Password: infected
-
Megrendelī¾s_(P.O_5029063)_FANUC.iso.iso
Password: infected
-
MegrendelƩs_(P.O_5029063)_FANUC.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ