Static task
static1
Behavioral task
behavioral1
Sample
docgur20230925.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
docgur20230925.exe
Resource
win10v2004-20230915-en
General
-
Target
docgur20230925.exe
-
Size
822KB
-
MD5
7db30eacb2aafcd1c57d4cf6b314ca71
-
SHA1
784c19294b0348258632cdacb23927063f0f7ad8
-
SHA256
dfe21dcd3c319fbb88566950ad3cd104f0e76c50200687b8906975c9cdd5aee6
-
SHA512
985bba196e18696cbe5cb06f03416f2f6b839ebdfd32ac9d4b316cbf32fa7231c5f0e6deeb84ab5271a156c35b5c04295b670dacbe8ef1b477586b0205e5baf5
-
SSDEEP
12288:91FckahW3INm7sW2ndLQJfVDb0xPkh7g9tO01ehCt6+5wVZaNY:VcDh/m7sPdLQ9VH0xPu7g9n1z6+iuY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource docgur20230925.exe
Files
-
docgur20230925.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 646KB - Virtual size: 646KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ