Static task: static1
Behavioral task: behavioral1
Sample: 2dfe662fdf9cdb98f44cb0307188837be6b3e8aacace0b1725b95def11519dc0.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 2dfe662fdf9cdb98f44cb0307188837be6b3e8aacace0b1725b95def11519dc0.exe
Resource: win10v2004-20230915-en
General
Target: eaf2b6671ec5dded98f2a7fe6aa603c7.bin
Size: 1.1MB
MD5: b8ef1f715f78ccc4aa583812ee6b6f4d
SHA1: 7b7032ac3e545af65c2480578e7263fc80d4aef6
SHA256: da03dfd3132630a0db051f2859d9a93070ad5f898d45fd257e37ff2fccf5ca26
SHA512: c79734a9952d98cf055f4058e67c2dbaaa6c157c44592ad3d4dad2f3963aecd163a1e5bb58e4de56f81984414e0edaea6f820abdbf3ab5cf0d2f664c19321042
SSDEEP: 24576:hKvKPPFIaqPqy7xLFq1ltrULYIZgopLVDwTSjInMGN+2O9Ke8:hKvueV57xLIztgMIPLVMEInMGt
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource unpack001/2dfe662fdf9cdb98f44cb0307188837be6b3e8aacace0b1725b95def11519dc0.exe
Files
eaf2b6671ec5dded98f2a7fe6aa603c7.bin.zip
Password: infected
2dfe662fdf9cdb98f44cb0307188837be6b3e8aacace0b1725b95def11519dc0.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ