Static task: static1
Behavioral task: behavioral1
Sample: b6b11f3f8bfb25580a473ebc62529276c47a05e43c3fc70845df1d8c1c515262.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: b6b11f3f8bfb25580a473ebc62529276c47a05e43c3fc70845df1d8c1c515262.exe
Resource: win10v2004-20230703-en
General
Target: 1f2297a0e5691036ab0ee42c015524cb.bin
Size: 16KB
MD5: 1674db25a7aae3af31ec364b2a09e3cb
SHA1: 2d4178565f0b3c96eca4c492e4b55c29ff388dce
SHA256: 3f3f16598fc5116466d35b903939e6a5f85c6660f2be4917935698d2dd18dde8
SHA512: d4654d491726bd0f3d044a85a75fe979f8b6769c78671d307f2909003a887a5775cf2a8be84ad5768e7d4971b244ba157b8737eedb60abd732b3260456a04366
SSDEEP: 384:6aJNLhipyR+QBOeNoRqbS4fsUut8aJXgkf6iSGtEYPKkaJVDTcl2Kt:b8y3FN+EddNaJXgSzE4KkavD4t
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource unpack001/b6b11f3f8bfb25580a473ebc62529276c47a05e43c3fc70845df1d8c1c515262.exe
Files
1f2297a0e5691036ab0ee42c015524cb.bin.zip
Password: infected
b6b11f3f8bfb25580a473ebc62529276c47a05e43c3fc70845df1d8c1c515262.exe.exe windows x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ