Static task: static1
Behavioral task: behavioral1
Sample: dfe21dcd3c319fbb88566950ad3cd104f0e76c50200687b8906975c9cdd5aee6.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: dfe21dcd3c319fbb88566950ad3cd104f0e76c50200687b8906975c9cdd5aee6.exe
Resource: win10v2004-20230915-en
General
Target: 7db30eacb2aafcd1c57d4cf6b314ca71.bin
Size: 657KB
MD5: ed9861140ec0f6f1af48a74b855599ee
SHA1: 7c75deb065b652e6cce62041f5a875e5f395fc3e
SHA256: 08b5ff24234614d625e0a3571ac9b17a34c739ecae5484c206fde5b61d68e20f
SHA512: 5d33e83a0ba6301eb188c43c462c8aff41dec51efabff5e0cf4927b8004fcd8cb0d8227713975a82c3c10f36c5c824afbd63d8adf988cec684cfbc1ee813249b
SSDEEP: 12288:2AxiAda/JrG6MUJE07SxPmAvITjhPdnScplkqBDVSUiNV+2aaqF/qcqtGZQV3P:tDda/vMUS07gPaPscntoxqFCcqtGZU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/dfe21dcd3c319fbb88566950ad3cd104f0e76c50200687b8906975c9cdd5aee6.exe
Files
7db30eacb2aafcd1c57d4cf6b314ca71.bin.zip
Password: infected
dfe21dcd3c319fbb88566950ad3cd104f0e76c50200687b8906975c9cdd5aee6.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 646KB - Virtual size: 646KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ