Static task
static1
Behavioral task
behavioral1
Sample
agodzx.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
agodzx.exe
Resource
win10v2004-20230621-en
General
-
Target
agodzx.exe
-
Size
699KB
-
MD5
1f2c6935c61d49280d0045b8f2116825
-
SHA1
4155b3ddc7594410c0bf44a47c1dabebd9139a77
-
SHA256
1d0cf9a5e034371075cf0a328d98c53f4eeb74325d61ee956222346ebb1f5497
-
SHA512
0b29dad6c11285abdb53d164c314e81fbee01cd097ea165fe5e9a7901cdf3ee1c3ac0503e0698b78ca556f97f7cd04b82f245f22fb9fef0770f4981c0e00a1c8
-
SSDEEP
12288:Icj68OWbTgWhCLoj4+cv27SObVt0RaA0wndwFQPjXtYX3D+:NT7bTgWhCa4FaSwG10GEQX63D
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource agodzx.exe
Files
-
agodzx.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 691KB - Virtual size: 691KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ