Static task
static1
Behavioral task
behavioral1
Sample
Activator.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Activator.exe
Resource
win10v2004-20230915-en
General
-
Target
06979c8adbb0b9263f5629414e90510449dafe0e31afdfbffc5ed46136157a71
-
Size
191KB
-
MD5
7765c7068a4c9fb65b048eae0526bfc0
-
SHA1
dc242c457109409aeda18c31479e89f6728f9eef
-
SHA256
06979c8adbb0b9263f5629414e90510449dafe0e31afdfbffc5ed46136157a71
-
SHA512
549277090ec65b8a6c47ddebe5d980be376dd9504f605aeed561b335c974aa75225ee41774f9445637c291b728382e33b4621bf1796165fa4923c43a01e402ac
-
SSDEEP
3072:X/9Z2265vxUOVhpcCVtulh1vDMEQd1sYvbwKlv2edno8lKaEe+q5xzq8sGc8:P9Z2v5lUCVtGhhETzdoy+qnq8z
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Activator.exe
Files
-
06979c8adbb0b9263f5629414e90510449dafe0e31afdfbffc5ed46136157a71.zip
-
Activator.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 277KB - Virtual size: 277KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ