Static task: static1
Behavioral task: behavioral1
Sample: d15f99dbd30bae6e896c52a810fbcba080ae3ba76f3fc0d9a7761c5736ec7c81.exe
Resource: win7-20230621-en
Behavioral task: behavioral2
Sample: d15f99dbd30bae6e896c52a810fbcba080ae3ba76f3fc0d9a7761c5736ec7c81.exe
Resource: win10v2004-20230621-en
General
Target: 7a6a6b35d4bc575897a1420134afc96a.bin
Size: 136KB
MD5: 080aa9dbc23ce9490ac8db3bbe2dca5c
SHA1: 54ec46e119a91ebd496de611d8a927a174ef9975
SHA256: 5d60cf42ec246587b61801971341e3a137a87357b441f9fcb486e35fa4f8f9ca
SHA512: fd3eda2a5d30be925b5208fcc021cc5061044d5400a9cb82539f90a2b0b4fb920374ae86e6b09009b21f748e1e15ad9c8b09e66ee1cf467f3e38561098b5486d
SSDEEP: 3072:HZ9VUMid7nDvz+KkCKSzNCO5MGzZiakk862fUOwS7WQVOb:jS/BDvZwmCOlik86Cmf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/d15f99dbd30bae6e896c52a810fbcba080ae3ba76f3fc0d9a7761c5736ec7c81.exe
Files
7a6a6b35d4bc575897a1420134afc96a.bin.zip
Password: infected
d15f99dbd30bae6e896c52a810fbcba080ae3ba76f3fc0d9a7761c5736ec7c81.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ