Static task
static1
Behavioral task
behavioral1
Sample
d7cb8a2d60e1818d0638a4c38cd6fae475dc83ab7b2bde9827ecc4e4a7ce6ed7.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
d7cb8a2d60e1818d0638a4c38cd6fae475dc83ab7b2bde9827ecc4e4a7ce6ed7.exe
Resource
win10v2004-20230915-en
General
Target: 9824d07cea51069c0042eff0e46d1ad2.bin
Size: 284KB
MD5: 060b98b92140fdcd717c1fc421739772
SHA1: 48310e80f82ec686207ff6eb84a2e586bb7cd54d
SHA256: fe025cd046edabab5a07d058bfcbb884c144511581d5206681064355fb2834bc
SHA512: 5f6ec1e59ad8b98bb5ebb548e7d22db59d0a256c521eb8bd5ee58553510d28b1ef3e0abe1297129acf65ba5c45f397e140caacb1dae43610a13326cd0b6bf6ae
SSDEEP: 6144:FUKe9SG2zYVb77tY5qsyZQ5BkATTLmXQux0pSYlfSSeAXdx:FUyG28b7JYEtYBLfLcZxKfkMx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/d7cb8a2d60e1818d0638a4c38cd6fae475dc83ab7b2bde9827ecc4e4a7ce6ed7.exe
Files
9824d07cea51069c0042eff0e46d1ad2.bin.zip
Password: infected
d7cb8a2d60e1818d0638a4c38cd6fae475dc83ab7b2bde9827ecc4e4a7ce6ed7.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 309KB - Virtual size: 309KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ