Static task
static1
Behavioral task
behavioral1
Sample
8c366bddcc19d07924b953259274f43f30c9a70f726c70420f8a01e07a209734.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
8c366bddcc19d07924b953259274f43f30c9a70f726c70420f8a01e07a209734.exe
Resource
win10v2004-20231020-en
General
Target: cf89a03d499a9da3518a943bdaaf3f9a.bin
Size: 442KB
MD5: 549fc6e30c8196c835566875e88099e9
SHA1: ee2e914f73b78ccb7f5b7618826be3e6c903342d
SHA256: ee17941713be610733db7fe7fe5fae7bf2bcc3cc5dc5b9bba593c6d624dd631e
SHA512: 08cc94f88ea30a7bb3b6ae96bf2191bfd3ddecd9631162e68282da3ee52156601fe66ed5fe51d1649e7bbddb0ea340b469e098b1e06c9360063ec48fdeb45c0e
SSDEEP: 12288:m4AeEHXZyC0XF28yzXomWiDoL3GMGJwSadrXww9e:Z7EHXwYbXlsGNJdadrXG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/8c366bddcc19d07924b953259274f43f30c9a70f726c70420f8a01e07a209734.exe
Files
cf89a03d499a9da3518a943bdaaf3f9a.bin.zip
Password: infected
8c366bddcc19d07924b953259274f43f30c9a70f726c70420f8a01e07a209734.exe.exe windows:4 windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ