Static task
static1
General
-
Target
battle-gear-flash.zip
-
Size
18.2MB
-
MD5
1038a65fb3b5a74b5d350c2d4cbb965a
-
SHA1
cde84de61925c9d50a69a89cb52fde0a54640070
-
SHA256
9ba80c91942dc448a8bf018c0ed4b618f0050c8f464d82c8ddaf590c9d3a07df
-
SHA512
a3c448293ddf6594e5a4c59898441ef3703e0b894c67cb4d51b7fffd634eca9c110f4a8eb28178035a15c4f249d399be07aa78fae5d4b829d47d23f8872fccc0
-
SSDEEP
393216:OC3EAMErKaAgJfZARjbn4uK8AisVZ1EAXTlIVu2RN8p2sWcInxk:1EAMEWaAjz4upjKyAgRmp2PTy
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/battle-gear.exe
Files
-
battle-gear-flash.zip.zip
-
battle-gear.exe.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
PFV0 Size: - Virtual size: 6.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PFV1 Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
battle-gear.swf