Static task
static1
Behavioral task
behavioral1
Sample
PO8687.exe
Resource
win7-20231020-en
General
-
Target
8545816561e1711c0cb155440ef3b97384ed612afd78e8b8a854468cc38ab4a7
-
Size
606KB
-
MD5
6956c4522433de8454f892082b383745
-
SHA1
0b8002969f969bef46a5984ce6e0f67dde9cbd58
-
SHA256
8545816561e1711c0cb155440ef3b97384ed612afd78e8b8a854468cc38ab4a7
-
SHA512
33b01c86d4397a6a3872c11f33bfd36db0a18213c18fe677d51847b28be11a4d41b2487161140263f9e4bf2b1c0f06aac2c159c4884112ee15d409be68e47f0d
-
SSDEEP
12288:fnLtkpUg6t9w35j05Yva7QQWFE1NsxYSn:jtkOtm35j6Yva7QQqQs
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/PO8687.exe
Files
-
8545816561e1711c0cb155440ef3b97384ed612afd78e8b8a854468cc38ab4a7.zip
-
PO8687.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 605KB - Virtual size: 605KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 155KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ