Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20230831-en
General
-
Target
tmp
-
Size
6.3MB
-
MD5
02c02920de30db7f8852973ec8bdfedd
-
SHA1
e4eebf1a7db4f7066a8748dc5a06159f62e3502d
-
SHA256
1545479f31f7b015e2a4865266361821f6ab1870f0a9e067644d19038e2f95fa
-
SHA512
72e6bfb78de55652ea3e8880d978463d88b0228d83d6c37e382e0a6b6ee40c90de436aa7759268b7dc1f4cb2bf0e957599ae2f7c967140a6b39168a309303ca6
-
SSDEEP
98304:mDzZVbr78YSL4MXWqb4Bp+fzv5YrHDKewNm95Q6ICj6S67haR:mHZVobip+fzv5oCcQ6ri+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource tmp
Files
-
tmp.exe windows:4 windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 6.1MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 299KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ