Static task
static1
General
-
Target
Email-Worm.Win32.Bagle.dc-1cf355c52203c3e77425d4649b7285fbe825e7fdaad14e4434fd33b524804b51
-
Size
93KB
-
MD5
66099e1754133a63c62bec9de0f6c640
-
SHA1
406b15896fdf32251c7ab855e8266987c96c852b
-
SHA256
1cf355c52203c3e77425d4649b7285fbe825e7fdaad14e4434fd33b524804b51
-
SHA512
9803bb75f459d82ca34d61fe6190bad713ec77196f4e1065cd44cae33f8622bb59ad44dd146524db42a09277aca4ba9630864620e2407903a5b4ae61d94039c8
-
SSDEEP
1536:wQsNZGWTK9yVbZJW/6TaQog1ohnqyN9QZsw6cF9r+U2oOKOAiNAPD3xpddpD4cE:w96DcbZJWYa0uqyN+ZswRF9SLohOAiNB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Email-Worm.Win32.Bagle.dc-1cf355c52203c3e77425d4649b7285fbe825e7fdaad14e4434fd33b524804b51
Files
-
Email-Worm.Win32.Bagle.dc-1cf355c52203c3e77425d4649b7285fbe825e7fdaad14e4434fd33b524804b51.exe windows:4 windows x86
Password: infected
18c8feeb8262906e2a2dc356a538b424
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
ExitProcess
user32
MessageBoxA
Sections
.text Size: - Virtual size: 113KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.code Size: 940B - Virtual size: 940B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE