Static task
static1
Behavioral task
behavioral1
Sample
PO 1100112186.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
PO 1100112186.exe
Resource
win10v2004-20231020-en
General
-
Target
PO 1100112186.exe
-
Size
469KB
-
MD5
6b676e72f5850ce4aa0f3878ac4cd1c3
-
SHA1
674094e918afa0254f6dacce42d6a0c8dac57104
-
SHA256
7cdaec4816187a281084f9274bed4893b2d850bad9ceb7d0bdd4571fbbaa5cb7
-
SHA512
ef19530fb734e5f952f5f95f68cdf860a80d09c540a691868d007110b330bba31e5a27ac65c3b34c0764e27adb153fa6f470588e2c5323b559c3153f8ac53514
-
SSDEEP
6144:Fb+wCKrBMNitx22SYwhe4nhLkgypkkeCCcFsPe35bgaG/vJZsL:J+wfr6wdSYge2I8wCcL35bgaGps
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource PO 1100112186.exe
Files
-
PO 1100112186.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 463KB - Virtual size: 462KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ