Resubmissions
27-06-2023 13:16
230627-qh3vkafa7x 327-06-2023 11:49
230627-ny2lbsdh78 327-06-2023 11:04
230627-m6rknadg99 327-06-2023 10:54
230627-mzt27sdg87 427-06-2023 10:46
230627-mt2vvsdg72 327-06-2023 10:40
230627-mqwjnsef9w 327-06-2023 10:34
230627-ml65lsef8t 827-06-2023 10:25
230627-mf5dtsdg32 327-06-2023 10:20
230627-mdlhyaef6w 327-06-2023 10:10
230627-l7twqsdf86 3Static task
static1
Behavioral task
behavioral1
Sample
mw_fixer_upd.exe
Resource
win10-20230621-en
General
-
Target
mw_fixer_upd.exe
-
Size
1.4MB
-
MD5
b71ceec4d2fa2b92317a2cf5b6da57d2
-
SHA1
13ffc0de36ced78ac6265a2218eaab9febd2ec37
-
SHA256
dc1f4cfd064c60ac539523c4154729bf6582f5f0a90e58411155c4ad94a80739
-
SHA512
3ad188dd6596b35053607c0eeeb0fa780475c633ada516ac043c39cd3d381f482abc1af72732aa199a673a9fa3ef446cad190e37aea8511e65e450200d7f2aaf
-
SSDEEP
24576:H+HmINIU4dInPT2LgQgkzBdsRfOndZEEbZjH+B1LJ:H+GaIU4dSaL/Jz3n3DeBF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource mw_fixer_upd.exe
Files
-
mw_fixer_upd.exe.exe windows x86
Password: stealer
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
(om/J g\ Size: 729KB - Virtual size: 729KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 674KB - Virtual size: 674KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 536B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ