Static task
static1
General
-
Target
multilog_020823.exe
-
Size
1.9MB
-
MD5
8fd3ae36f7b39392cdfceb62ff5ec424
-
SHA1
29285c0bb829be3a1803f9e363d373f0078ac0d3
-
SHA256
7e5d9df2992b469358c4e5da2057883cdc42d21590f1eac289449d0097643e49
-
SHA512
3f0019ddc8d4ce7b786ef87c4e937d8f698a79bceea05c3f21b47bf51e698de98f4362fc5e196a4b1ce20abafe15d3b6707def83e6a6f41a263b1fc53750d2e6
-
SSDEEP
24576:hsp47GvZwA433qW8OCV47dJPGJ11G3jxLqxj6CY/5SWpBl3YRWao32b:mK7GRAHqN47d+11G3NLe6CmSWVrao
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource multilog_020823.exe
Files
-
multilog_020823.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
sIw f-| Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 513KB - Virtual size: 513KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ