Static task
static1
Behavioral task
behavioral1
Sample
4110933fe032350468c29329959cb10fc54704a2ec7af1e71155202a337aee6d.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
4110933fe032350468c29329959cb10fc54704a2ec7af1e71155202a337aee6d.exe
Resource
win10v2004-20230915-en
General
-
Target
01973f09014fee62754ea67861264da5.bin
-
Size
638KB
-
MD5
b218c54136ad02c9fe719d67fb97a26b
-
SHA1
e6d4ee03faf4707526158273e8ec5779fabf27f2
-
SHA256
3f4787a9691512f34f66042da6e34f2967dc368f3d17b95a202c397218ed1063
-
SHA512
ea0acbc5eac9588e391f9b56cb7c9e5dc211b93b64b4391199ce03d68586ea4ac269119ad46bf9bcf5c4866906ec46c1423f4f73667cf3ef9ff5dc9fdb30ab05
-
SSDEEP
12288:TZG/2ScqUuIhnyESuxJs4Qw4assqSJHuzUXnz/TpLY9MOqnY85oZX+F:TZG/2LdryESeKPwCsqMHX3z/tLDOqnYO
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/4110933fe032350468c29329959cb10fc54704a2ec7af1e71155202a337aee6d.exe
Files
-
01973f09014fee62754ea67861264da5.bin.zip
Password: infected
-
4110933fe032350468c29329959cb10fc54704a2ec7af1e71155202a337aee6d.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 646KB - Virtual size: 645KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ