Static task: static1
Behavioral task: behavioral1
Sample: e522454c7fb915cb65e42e67ea9890df5ead1356053e563c43a1603f669c6fa2.exe
Resource: win7-20230712-en
General
Target: 2aa0fe002aeee888c33dbb6864580e6c.bin
Size: 3.8MB
MD5: e6d5df45cc3f84cad9380ce6a0a5946d
SHA1: 3e0a63913ae11898020b6da1bdc035a8898852a5
SHA256: 674c8d94cf9924732c53502672cd3dfcc3173f1c073e2f355eed447751abf286
SHA512: b21c3f26f4c40413d05e436d4f5f8ef178c7f210b03c885c7c5e89ab21c65568d09b782cf5e5ef2fadf10aad35bbb549eef8efeb6faacbe5c9d8b8d77bb26dd9
SSDEEP: 98304:cTJyxZDMLJy5sMu2CPZ9tYBzmCgXg1ubxl5DB9dZd+iV0T:aiVMVy5sNZ9tZCgzlLLV0T
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/e522454c7fb915cb65e42e67ea9890df5ead1356053e563c43a1603f669c6fa2.exe
Files
2aa0fe002aeee888c33dbb6864580e6c.bin.zip
Password: infected
e522454c7fb915cb65e42e67ea9890df5ead1356053e563c43a1603f669c6fa2.exe.exe windows x64
Password: infected
79b3362178937bf9559741c46bb9e035
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
Sections
.MPRESS1 Size: 3.7MB - Virtual size: 9.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 161KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE