Static task
static1
Behavioral task
behavioral1
Sample
PO NO_305011001_WHM.exe
Resource
win7-20230712-en
General
-
Target
PO NO_305011001_WHM
-
Size
639KB
-
MD5
bccc5b3ac071d74ea61bd5f625b5e591
-
SHA1
d20b3fc3526ac1870971d7ace4fceb9cb671977c
-
SHA256
952afa13444ac86f5c8ad1aa181460e694f1f340f546d09e38eabc124122565e
-
SHA512
d7558cdf55f58735d3c7b8160deb0721c00c7090aa80ae15f0e16ffe43fefd879b0b7a3f42d73cdd1081dfd42fcfdcf6a964d49a0b104bac86ec46e8b8ff4a26
-
SSDEEP
12288:iZWLWwhnFjMRR1bgXtVuJlGrERJJwu7+/IAaUcTHhWXwYpW2GfW01vLD:iNwh6GuT4crhWgdu01/
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource PO NO_305011001_WHM
Files
-
PO NO_305011001_WHM.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 637KB - Virtual size: 636KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ