Static task
static1
Behavioral task
behavioral1
Sample
datas and performances.exe
Resource
win7-20230831-en
General
-
Target
datas and performances.rar
-
Size
364KB
-
MD5
55840023817235bc9d6e94eb840a6277
-
SHA1
cb151f37bcce312319d14764d264865f6da162aa
-
SHA256
99a8953f9b580032163b5636f9736c3727f25c7016214fa2971f6c67e80597c7
-
SHA512
4a4b4b289c30f77c472c49c72f01933d0949363e5cd48be3b47e42307040ad1b30bb4154ac162f962a8dc4abc71850aad1a5d4c55da1976e59db17288a4ef0e1
-
SSDEEP
6144:pFfxDVyaPzdDmVrxb1mOaNep/Bu/yHt/SfFM3rZ5nltVSVDyLTgfGLY:p7IaPz1+rxb1VVBBHYFM3r/kIT50
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/datas and performances.exe
Files
-
datas and performances.rar.rar
Password: infected
-
datas and performances.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 307KB - Virtual size: 306KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 153KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ