Static task
static1
Behavioral task
behavioral1
Sample
b70d3f79bc1acc2a35b1d8c14072f8c0fd205941303c5dcd925188851c0ad5df.exe
Resource
win7-20230831-en
General
-
Target
b70d3f79bc1acc2a35b1d8c14072f8c0fd205941303c5dcd925188851c0ad5df
-
Size
3.5MB
-
MD5
0a3ee34cf1365de10bf529a54477cb88
-
SHA1
ee9bedce57f42439debc276704a4fe5b55d9156a
-
SHA256
b70d3f79bc1acc2a35b1d8c14072f8c0fd205941303c5dcd925188851c0ad5df
-
SHA512
caaa85e966ea06b5ee7c59da56b3d19fb441bbad182710efde169f2dd5cb06874e0c257eac796ac1c8ae4bee84a9d2637b4369653cd6940c2aa7d427c101bbc3
-
SSDEEP
49152:AMu7YcmdTgH8/ET2EUCuGYytx2ekJ7vdDfzGPO8xoBtTxGYtRsuLfwAYgg6eSUxJ:K7/mBgHiGYyj1kJaefBsuLoAYsoJ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b70d3f79bc1acc2a35b1d8c14072f8c0fd205941303c5dcd925188851c0ad5df
Files
-
b70d3f79bc1acc2a35b1d8c14072f8c0fd205941303c5dcd925188851c0ad5df.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 2KB - Virtual size: 4.5MB
IMAGE_SCN_MEM_READ
VProtect Size: 615KB - Virtual size: 616KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
VProtect Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
VProtect Size: 512B - Virtual size: 4KB
IMAGE_SCN_MEM_READ
VProtect Size: 102KB - Virtual size: 104KB
IMAGE_SCN_MEM_READ