Static task: static1
Behavioral task: behavioral1
Sample: ac358d18315f1bc837b902417ec7dbcbdf7880fad906dd0b0d0a4163d8f9e7e7.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: ac358d18315f1bc837b902417ec7dbcbdf7880fad906dd0b0d0a4163d8f9e7e7.exe
Resource: win10v2004-20230703-en
General
Target: 971c3a680b05325817ed1fc4522c9667.bin
Size: 448KB
MD5: c3425fc5a77587d124f055bc76becd70
SHA1: 0914129212f4e97fdd4d5aa2d670d5515ad98eff
SHA256: c8e0ebe07ccce04bf45bd05be204255b30356a660b5afcfdfd29ee9585e9b810
SHA512: e5027f66d7eeb8af3c8948dd1f6d82005199fb289162876bc17193fdd1131c02c3228373f8d06571e833809ffd8d19262accadc3b6af8b3665741254eaa3ec07
SSDEEP: 12288:KHVInYc7549KhJDSjr0YVOHAj2jEiphp11DNMKbDVDd0l+:ecYWeUbRHrp1nbxDX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/ac358d18315f1bc837b902417ec7dbcbdf7880fad906dd0b0d0a4163d8f9e7e7.exe
Files
971c3a680b05325817ed1fc4522c9667.bin.zip
Password: infected
ac358d18315f1bc837b902417ec7dbcbdf7880fad906dd0b0d0a4163d8f9e7e7.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 655KB - Virtual size: 655KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ