Static task: static1

Behavioral task: behavioral1
  Sample: a65172838dff0b366ecc526b58f59689d1d86110dc2b949443a63ac8cd8008c4.exe
  Resource: win7-20231023-en

Behavioral task: behavioral2
  Sample: a65172838dff0b366ecc526b58f59689d1d86110dc2b949443a63ac8cd8008c4.exe
  Resource: win10v2004-20231023-en
General
  Target: a65172838dff0b366ecc526b58f59689d1d86110dc2b949443a63ac8cd8008c4.zip
  Size: 509KB
  MD5: 4ceae2f236ff98c719856bf37460b8a1
  SHA1: 8f18b91fde4b0dfbf026e8f5c7dbd366c77d6a52
  SHA256: 8fb80ea737ad3dde176d64598d304be20ba317f45b1d9dfb4d418d27ea99fa3d
  SHA512: 7a6017d7a756540de93222e2e5f608fc637cf4f8f9b94a6e9ba71eb38ad03d04f3ee9a9753c193379926c0f334476321887722b22d65d2007dc1e7cb69c210b8
  SSDEEP: 12288:NymZ1gP2hK2WG63ePFcrJXDmlPYklfYND5qfypP4cx56qSyJE8ODvo:vZ1eg638CJmlwFyiP4o56qZJEXLo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/a65172838dff0b366ecc526b58f59689d1d86110dc2b949443a63ac8cd8008c4.exe
Files
a65172838dff0b366ecc526b58f59689d1d86110dc2b949443a63ac8cd8008c4.zip.zip
Password: infected
a65172838dff0b366ecc526b58f59689d1d86110dc2b949443a63ac8cd8008c4.exe.exe windows:4 windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
  DLL Characteristics:
    IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
    IMAGE_DLLCHARACTERISTICS_NX_COMPAT
    IMAGE_DLLCHARACTERISTICS_NO_SEH
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics:
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  mscoree
    _CorExeMain
Sections
  .text (Size: 543KB, Virtual size: 542KB)
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rsrc (Size: 16KB, Virtual size: 15KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .reloc (Size: 512B, Virtual size: 12B)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_DISCARDABLE
    IMAGE_SCN_MEM_READ