Static task
static1
Behavioral task
behavioral1
Sample
7d0417ec0e02002489cda78b4fd5d4dc57d4957a00287b4eb24c8cec8c68caad.exe
Resource
win7-20230621-en
General
-
Target
12dc82a693eb598eb3aa521ffe54dc77.bin
-
Size
3.9MB
-
MD5
8ca0a189d5ee54533ca29fe6ee8a50d5
-
SHA1
b728083c60830f98deefd3bed307ab5320a9e5a3
-
SHA256
307c3e20e65556cfe4c2c0e0864a6b71fe0bb56cf8c3e1fc26890cf849925705
-
SHA512
c9550fa42b5a501a1c30ce9b13cb3bd02170d455c219fd0db5fb64f7bc27045348c72e2e10cb5d488396c6c62df36f5bbd0aa7730c5c096bdc518f1c6bcb2ff8
-
SSDEEP
98304:0M7D+OFUg0qT2h57pxMKPx6FOimQzHbeyGpNFtU4s5xWyBrhKGW0r:h+HZR5XMKPgOimQzHDsNbmtf9r
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/7d0417ec0e02002489cda78b4fd5d4dc57d4957a00287b4eb24c8cec8c68caad.exe
Files
-
12dc82a693eb598eb3aa521ffe54dc77.bin.zip
Password: infected
-
7d0417ec0e02002489cda78b4fd5d4dc57d4957a00287b4eb24c8cec8c68caad.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ