Static task
static1
Behavioral task
behavioral1
Sample
8d8ae453a5773f10fddff520a45326b3d665f79e707898fa0e09b28084bfb1f9.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
8d8ae453a5773f10fddff520a45326b3d665f79e707898fa0e09b28084bfb1f9.exe
Resource
win10v2004-20230621-en
General
-
Target
4d0f16309f1dfe19ab558a13624df4aa.bin
-
Size
601KB
-
MD5
13171325c7754d6f7857affc79e52098
-
SHA1
034e2c66aefdb21e2bf63fd200ff22081a43534f
-
SHA256
c1c129e0b967434b1ca76280cd7219b43f3633e0c9bf2f18088b8da298068616
-
SHA512
b784047888d5b99cc8d2d56191d6a80cb1331a202ba81c595de638b0d508c0ad7b1eec53f02b84da0d86509fc4992f10d93d27b034409d9cd296cfe940b18501
-
SSDEEP
12288:RUGx+5osNg6p3oiwKkpELXvcoCaY8QflYsuVOtNc6wJPXhCCl17NtkV:RUGGNJrGELXu8QfCsuVOXMXQw7Y
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/8d8ae453a5773f10fddff520a45326b3d665f79e707898fa0e09b28084bfb1f9.exe
Files
-
4d0f16309f1dfe19ab558a13624df4aa.bin.zip
Password: infected
-
8d8ae453a5773f10fddff520a45326b3d665f79e707898fa0e09b28084bfb1f9.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 899KB - Virtual size: 898KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ