Static task
static1
Behavioral task
behavioral1
Sample
d604590b5c7a14a354f325a3884dbefe9f01c19b0d6927e3aa4a437777022dd5.exe
Resource
win7-20230621-en
General
-
Target
996bb0ca947dc9b6a2d1268c36375a3e.bin
-
Size
2.0MB
-
MD5
bc3490ff1430ccda2cd37d339f5042e0
-
SHA1
ed23bbe4776b74940704f5c080b51f6e500d6f6b
-
SHA256
645b2b949e315744065b4ae0de5e32d38780a6ec7e2385e32cdfe502e8fa308f
-
SHA512
14ba817d043d56fefb43c2fb098e627e685f64f784e63365ed3e3ddc138d95df0d3eb7169d1406bd7ca1cfc191d575695312b08abe7b87fae38e775971620672
-
SSDEEP
49152:ruoLGQ4h9wjKrQ7V1X2M2Ce6bhP8Bj2r3KVc1XS:ruEswFlS6bF8mKV+i
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/d604590b5c7a14a354f325a3884dbefe9f01c19b0d6927e3aa4a437777022dd5.exe
Files
-
996bb0ca947dc9b6a2d1268c36375a3e.bin.zip
Password: infected
-
d604590b5c7a14a354f325a3884dbefe9f01c19b0d6927e3aa4a437777022dd5.exe.exe windows x86
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 1024B - Virtual size: 584B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 3KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 128KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ