Static task
static1
Behavioral task
behavioral1
Sample
97268044dc7eb3d794926e62b986204ba600d41c06df38d8089a6c4de7274020.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
97268044dc7eb3d794926e62b986204ba600d41c06df38d8089a6c4de7274020.exe
Resource
win10v2004-20230621-en
General
-
Target
7184b3a779f7e3d283b5a0b028732937.bin
-
Size
108KB
-
MD5
8a2049bd94294807777bf0d11203ad26
-
SHA1
7b9e551e62c8940ae5c8d5fcd6f61ea53606bdd8
-
SHA256
4dad1ad41ed0fb824d293edc1e449392d11e54db90ed04be6699bdb1bc700024
-
SHA512
bce59407ba5871377165c2a3ebcbccb65ab45e80f8066fa9e4d0fcc3a348cad13cf91ea856d2f65e32aa6399b210e4cba292cd09aa4bfaa8318bf9383972108e
-
SSDEEP
3072:VWDAsjwka3+9JGg7cELfDeFc7yfbJprsZw6:EDjjwyJJ7RgzVprl6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/97268044dc7eb3d794926e62b986204ba600d41c06df38d8089a6c4de7274020.exe
Files
-
7184b3a779f7e3d283b5a0b028732937.bin.zip
Password: infected
-
97268044dc7eb3d794926e62b986204ba600d41c06df38d8089a6c4de7274020.exe.exe windows x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 403KB - Virtual size: 403KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ