Static task
static1
Behavioral task
behavioral1
Sample
INV-PL (KF-20230920-KB) ???????????????????(?.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
INV-PL (KF-20230920-KB) ???????????????????(?.exe
Resource
win10v2004-20231023-en
General
-
Target
INV-PL (KF-20230920-KB) ???????????????????(?.exe
-
Size
491KB
-
MD5
d7efde7a4ae17a23044520ef4b1d6580
-
SHA1
625c66ee9ea45af883ddf19d98c730d24838204e
-
SHA256
989acc1c32f6dab02d1d29f18483f94d98b0708ddb057ce7404c348cb2b073f7
-
SHA512
a32589592835e4ce1fe2986e8728add41a75028f7c77885f2a8ed991a9d662419f93f10449f3f0947cb88f078f9d70dbc0803ab78a896146cfbc87be2b24403c
-
SSDEEP
12288:SZEMFB+H+5qrrQaj+o1Dz1eh0910GxAVU9DGe4:x8sSApb910Gay9R
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource INV-PL (KF-20230920-KB) ???????????????????(?.exe
Files
-
INV-PL (KF-20230920-KB) ???????????????????(?.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 478KB - Virtual size: 478KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ