Static task
static1
Behavioral task
behavioral1
Sample
6818b7dbbe4752b07a9e9aa8c52e4e7544b71f062bb6a5f4b7e0c9172601fa97.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
6818b7dbbe4752b07a9e9aa8c52e4e7544b71f062bb6a5f4b7e0c9172601fa97.exe
Resource
win10v2004-20230703-en
General
-
Target
988502d05fa95a7ae798ba594a2bf758.bin
-
Size
626KB
-
MD5
d0ab4fbd877cb5f5c0a7bfd86efa0c77
-
SHA1
aac07fc8cdad2450065e58c5c011286acae95867
-
SHA256
8a00da3d72b25847da2fb0489675559435d5770f7dc33c5ec87d6ec117bf16b4
-
SHA512
46210e54b5431a1a756f509e4f10a75a6e121d657e28beebb2f08c1f4f3a41f31c93a6b847df2003fddd7cbafafbefc7bb3f38e552ddeab25efde8733935e21a
-
SSDEEP
12288:MHL3b8tSH+bXzFQ5Gc/1Z6wNptl2m9yoFHelZ7ona4tcW+7iSGv:MHLYEH+A/1Z60mkezS4WZtv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/6818b7dbbe4752b07a9e9aa8c52e4e7544b71f062bb6a5f4b7e0c9172601fa97.bin
Files
-
988502d05fa95a7ae798ba594a2bf758.bin.zip
Password: infected
-
6818b7dbbe4752b07a9e9aa8c52e4e7544b71f062bb6a5f4b7e0c9172601fa97.bin.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 734KB - Virtual size: 733KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ