Static task
static1
Behavioral task
behavioral1
Sample
3f68d49b10b78abebff4fe1624c64e2f9108a7a776d945ac71a046c23f85740c.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
3f68d49b10b78abebff4fe1624c64e2f9108a7a776d945ac71a046c23f85740c.exe
Resource
win10v2004-20230915-en
General
Target
b7f7489e2c1c270552c1755c558d580a.bin
Size
624KB
MD5
cf1e37b83ed9156037e5338fb0915dc0
SHA1
860fddb6c6a1f19f06732570a156c30e0eb0a76f
SHA256
933bffc020bc74f47c96f4b58d4b6c4ea614e88c84145a24bb1e0c5d4006b601
SHA512
31b97324c4b4ac0db83f60f6eab9835e5d5909dd0d06bb802cc3c781eb05ed05f651f4002361017c57e82eeb31e1724e04020851bc6dd528547395e64561fa99
SSDEEP
12288:iflMgkzCIpeLmwQ9eo4YZGLqGR5tePCfdo7bIHll0NhJ6pXnm5gRL:iflmeweLa9eo4AG9RwCfdoXI30NipnRL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/3f68d49b10b78abebff4fe1624c64e2f9108a7a776d945ac71a046c23f85740c.exe
Files
b7f7489e2c1c270552c1755c558d580a.bin.zip
Password: infected
3f68d49b10b78abebff4fe1624c64e2f9108a7a776d945ac71a046c23f85740c.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 655KB - Virtual size: 654KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ