Static task: static1
Behavioral task: behavioral1
Sample: 8d9a8f9de34a75aeba8164f658881f4c142690b58c8cf30486f18574a8e14185.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 8d9a8f9de34a75aeba8164f658881f4c142690b58c8cf30486f18574a8e14185.exe
Resource: win10v2004-20230915-en
General
Target: 010ef94907f5876e46be0ed87689fde9.bin
Size: 998KB
MD5: b5e2c5bedc924f659b307a46b52055a4
SHA1: 660521e68f0fd090719996568e6c2b8f77c2b2c1
SHA256: a58d90831710eca88256a16ab1164de33e09e746bca461166e9a1769a5430c87
SHA512: 507f0fa70093906dca781b265caff9f9d6da902b7d75f162a2f1ee8c72d7d245920e921812ba705657d0a9cc614a770c17dffbd106bc73f4e238b4e3d7cedd14
SSDEEP: 24576:QoJMLsxop1N2DZUCuVQKHZj5i5sjHfJC1gtyeGZ7jL4:XJo/N2dWQm5n/JigSZ7jL4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/8d9a8f9de34a75aeba8164f658881f4c142690b58c8cf30486f18574a8e14185.exe
Files
010ef94907f5876e46be0ed87689fde9.bin.zip
Password: infected
8d9a8f9de34a75aeba8164f658881f4c142690b58c8cf30486f18574a8e14185.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1005KB - Virtual size: 1004KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ