Static task
static1
Behavioral task
behavioral1
Sample
4d3583917fb1f539f92f945f0f298b2c1766ac27086275600eab721b8e9fbd90.exe
Resource
win7-20231025-en
General
-
Target
b739c3eba37aa9999fb2d15ab5b9c680.bin
-
Size
9.6MB
-
MD5
b8bf03903e0fcaeaaa6cb897d846b5cf
-
SHA1
692c60cb0044f0637974560fefd829b7956f239c
-
SHA256
a10c7b2ff53a0dd69b61fd972a2830c127347296097b681de5ac374294005463
-
SHA512
dd54b85d19f1507dc0216b06ae7fef687ad31cdfabccdd35020bbd521856fffbb067069bb2b9d177158c560a23d207de041ea94df2ca29fe4074d146629677ea
-
SSDEEP
196608:ipaAyxyRem7pScSRYaH/TS64EIIaAGOHt2hxnLZCWh3ub:icAoyoVcda7+8aAIhxnLZL36
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/4d3583917fb1f539f92f945f0f298b2c1766ac27086275600eab721b8e9fbd90.exe
Files
-
b739c3eba37aa9999fb2d15ab5b9c680.bin.zip
Password: infected
-
4d3583917fb1f539f92f945f0f298b2c1766ac27086275600eab721b8e9fbd90.exe.exe windows:4 windows x86
Password: infected
a9c887a4f18a3fede2cc29ceea138ed3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
malloc
memset
strcmp
strcpy
getenv
sprintf
fopen
fwrite
fclose
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
exit
shell32
ShellExecuteA
kernel32
SetUnhandledExceptionFilter
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10.2MB - Virtual size: 10.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 4B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 752B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ