Static task
static1
Behavioral task
behavioral1
Sample
95216d71fff102892599ac2c3e12742cc687eb8ab3eecb475366f69a38297511.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
95216d71fff102892599ac2c3e12742cc687eb8ab3eecb475366f69a38297511.exe
Resource
win10v2004-20230915-en
General
-
Target
959860993197f8ad86fdd7a195009674.bin
-
Size
654KB
-
MD5
33f6c2625f33820d0c4a4c52afcab82c
-
SHA1
1109d909f639d522be7c9f604d11ce6ea48837af
-
SHA256
1b98fd58ce6f64baa1b33b404464ce37964fe3532f35144c7c1d8460fac320e5
-
SHA512
1f9402ec36e54186ed6faa9e9468776ac70a96796fcbdd0477bbaca92218d144fd272c080502c5925cbc10ce1e9da51f1178fad9bc6d6914a71d3ff11c437894
-
SSDEEP
12288:OofbAVSuHq1TJEl0EmuyDXHZyK6Wdgy15B5yuP/daxJxgiBW4vYc:dISuU1ScuyD3ZMWDLBkQojgi+c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/95216d71fff102892599ac2c3e12742cc687eb8ab3eecb475366f69a38297511.exe
Files
-
959860993197f8ad86fdd7a195009674.bin.zip
Password: infected
-
95216d71fff102892599ac2c3e12742cc687eb8ab3eecb475366f69a38297511.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 721KB - Virtual size: 721KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ