Static task
static1
Behavioral task
behavioral1
Sample
4c4da7ca3fc9b71ecd8f9e8f0b676a2fb2d4c9428abee2abfac827495f94c8c6.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
4c4da7ca3fc9b71ecd8f9e8f0b676a2fb2d4c9428abee2abfac827495f94c8c6.exe
Resource
win10v2004-20230703-en
General
-
Target
4c4da7ca3fc9b71ecd8f9e8f0b676a2fb2d4c9428abee2abfac827495f94c8c6.zip
-
Size
121KB
-
MD5
5dc24d696d1d3b94b5f3f47155a52a21
-
SHA1
489bf8e95f1ade6f3d52004ba04db89e34525d27
-
SHA256
e3c00e33f7bf7854f47a38918c8d38115808b80e2dbae41c78d45c4ae913d3cd
-
SHA512
4e6a98b1c8c095085f403f4d05489320a1ba388d9ff5064204a52730fd9682a59beba91608e270d3d785bcbe08a6ad7b444300d3dd54df257d14ff2d282ebce9
-
SSDEEP
3072:xhoviAKx6WMbect7wNZpfZw/h+UyBPAeteOuBYY6TngCLz:ApO6zSct7OZphFVPAetxuBYY6T7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/4c4da7ca3fc9b71ecd8f9e8f0b676a2fb2d4c9428abee2abfac827495f94c8c6
Files
-
4c4da7ca3fc9b71ecd8f9e8f0b676a2fb2d4c9428abee2abfac827495f94c8c6.zip.zip
Password: threatbook
-
4c4da7ca3fc9b71ecd8f9e8f0b676a2fb2d4c9428abee2abfac827495f94c8c6.exe windows x86
Password: threatbook
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: - Virtual size: 80KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 30KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 186KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rich Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE