Static task: static1

Behavioral task: behavioral1
Sample: 7979152e69f12c78be2dae9d8633320c74038f69ae8a2b3c96c70df8a2e2c61b.exe
Resource: win7-20231020-en

Behavioral task: behavioral2
Sample: 7979152e69f12c78be2dae9d8633320c74038f69ae8a2b3c96c70df8a2e2c61b.exe
Resource: win10v2004-20231025-en
General
Target: 2cb5798ff00115e6cdbf7df025b895e2.bin
Size: 658KB
MD5: 2274e8dc21463715df1cfebe24795f32
SHA1: 2cdd3b76270354ccd25046cf17f3803dcb4c6fef
SHA256: 68739a6e355818f30aa33ff4298fb03d2258740ef781d814931c9d717b0c919d
SHA512: 43c8c57c378a30de2f60d290e44fe4eaa09facee52aa231973956f9a2f09ea1b7e1622948365735311f6d854a9f858c0218519c3e70a1119b3090449a8533e0c
SSDEEP: 12288:8/3XJ6kOSnNCgjJGycyC8nPhoSzuGaUegkN/PjllpRzzcmCGSFwiYNlssWRAg:UnJ6Sn6yphjxleg6TlaVGozWltWRt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/7979152e69f12c78be2dae9d8633320c74038f69ae8a2b3c96c70df8a2e2c61b.exe
Files
-
2cb5798ff00115e6cdbf7df025b895e2.bin.zip
Password: infected
-
7979152e69f12c78be2dae9d8633320c74038f69ae8a2b3c96c70df8a2e2c61b.exe.exe windows:4 windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 766KB - Virtual size: 765KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ