Static task
static1
Behavioral task
behavioral1
Sample
5c34f2856512e37f1b52b38eaab29f95c6fbd7dd500de6bbc44aa842084ac7af.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
5c34f2856512e37f1b52b38eaab29f95c6fbd7dd500de6bbc44aa842084ac7af.exe
Resource
win10v2004-20230824-en
General
-
Target
c71e9f8ffd2ff38fadd9a9b7597979ff.bin
-
Size
1.1MB
-
MD5
69290eba181308e01d3c26a56082378e
-
SHA1
353fa3b93372545081395a8f952e8a6724ff06be
-
SHA256
2e551b833e03e1987bdbf28d4203cb16310048e58cfa18651e7ddfd44f816ef2
-
SHA512
e8665d31e0ad4b89e5cb02a8535eabe56c87f9de9aea1515e7851ce0643f86ff34d45a3dcfc402d3465c3070b71b4205df2d4c61995a3e8fcbdb18cf7974f840
-
SSDEEP
24576:3Oe8p2pdItUBy0IGA2Bpeo8nLHYHbNvKKMbjVVGQwqDvQp:37dItEhIGAxL41MV0Qw3p
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/5c34f2856512e37f1b52b38eaab29f95c6fbd7dd500de6bbc44aa842084ac7af.exe
Files
-
c71e9f8ffd2ff38fadd9a9b7597979ff.bin.zip
Password: infected
-
5c34f2856512e37f1b52b38eaab29f95c6fbd7dd500de6bbc44aa842084ac7af.exe.exe windows x86
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 680KB - Virtual size: 680KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 476KB - Virtual size: 476KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ