Static task
static1
Behavioral task
behavioral1
Sample
f74ab1efa874c19f32108d0719951e9b2a6ab0bb9f9b66c53145e75efec1684b.exe
Resource
win7-20230220-en
General
-
Target
09fefe8f2d0e20847f08ebd26e29741f.bin
-
Size
646KB
-
MD5
8bf1d7c3cf4e794c4a1af2f2587d64a9
-
SHA1
7369135cfe02fff81cf5ae444972a15c8c064aa8
-
SHA256
0330d3f58300a7cac8144664d3fb2ee031ddbc7d6ad532de12cd71ed535b7dac
-
SHA512
5e9a8c9bb959a837cf402d1dcdaa1160fce673a1b5087192b2bbd8b472d6de862b9fef0d1f7c4b5b3eb02f603d16d3d7f41d9eaadfc8da75ff1cee333127e353
-
SSDEEP
12288:/xraRWC3JGg8cUqSjl2UgvVUWeNcvQ8gMSCePax4aTeuibFoI4Mg:/xraRP3GqS/gvVUWeNcTt/2aWukWI4F
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/f74ab1efa874c19f32108d0719951e9b2a6ab0bb9f9b66c53145e75efec1684b.exe
Files
-
09fefe8f2d0e20847f08ebd26e29741f.bin.zip
Password: infected
-
f74ab1efa874c19f32108d0719951e9b2a6ab0bb9f9b66c53145e75efec1684b.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 750KB - Virtual size: 749KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ