Static task
static1
Behavioral task
behavioral1
Sample
bea219f0f08ed083677a0b869e658ba09785f470668eadc659db2885fa89f3b9.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
bea219f0f08ed083677a0b869e658ba09785f470668eadc659db2885fa89f3b9.exe
Resource
win10v2004-20230621-en
General
-
Target
311f3baa9bfa5b2364fea8b254d15eb9.bin
-
Size
5.5MB
-
MD5
3c44e4d04000b5d4028776ee5b0f880a
-
SHA1
e22de13c91f1e4186a7bbe86a0a78b672ee42d36
-
SHA256
bfa5366094512789fd38369f027d746fbb6f3ba3e698492630bea0cf867ef983
-
SHA512
3ea6b6e2720fb9ed10b50add0c93368a1a0d4434093cc2929261118e7fb92f8e6c0c49204326fbc6abf5fa46f0a2b80fca4a88152881ede5af2e4c85db189f69
-
SSDEEP
98304:+Cd56OBLy8tpsINeVnUFjqcu5SCrYBHVFsKlYvo5SQJ3R7WoKC0kpMcdpbVTp7R:+Q56OB289MVnUFjFu5Sx/7YvoSQTWo1H
Malware Config
Signatures
Files
-
311f3baa9bfa5b2364fea8b254d15eb9.bin.zip
Password: infected
-
bea219f0f08ed083677a0b869e658ba09785f470668eadc659db2885fa89f3b9.bin.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
08:a8:e8:26:95:0f:1a:99:40:26:25:89:fc:af:0b:8f
Certificate
Issuer: CN=WZT
Not Before: 08/11/2015, 08:15
Not After: 31/12/2039, 23:59
Subject: CN=WZT
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 21/12/2012, 00:00
Not After: 30/12/2020, 23:59
Subject: CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate
Issuer: CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US
Not Before: 18/10/2012, 00:00
Not After: 29/12/2020, 23:59
Subject: CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
a3:d9:7c:6b:39:30:01:77:e7:a6:30:ae:7c:60:cc:da:39:51:01:a4
Signer
Actual PE Digest: a3:d9:7c:6b:39:30:01:77:e7:a6:30:ae:7c:60:cc:da:39:51:01:a4
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 8.6MB - Virtual size: 8.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ