Static task
static1
Behavioral task
behavioral1
Sample
ebb6fad910c99d151b30733b624e8f7e555eb7de7caaa66d65b9e7114c433f56.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
ebb6fad910c99d151b30733b624e8f7e555eb7de7caaa66d65b9e7114c433f56.exe
Resource
win10v2004-20231023-en
General
-
Target
41bce404371579a1e6db304042d2e72e.bin
-
Size
25KB
-
MD5
b4d43c802e6c8b152be666dd2f4455bf
-
SHA1
241edbc93e25b60455a4704a28fc132a34c47bfe
-
SHA256
99863c2b4f9560c1dfd5430f9862d225b28b84a3a8caa58d5013d2a6514ec2b0
-
SHA512
34abe77215c34201028d54b9a9a392a386df37145db2dc5ba2bb3628f4b18ea71cfd0ec881f8c31adecc5d30a7fe88be144c22d1806371020f2a979224ce86c4
-
SSDEEP
384:ZASXH4D3xOQjBpw7UfxO07OSoGikZQCaD+zRk2AkCL1npnAwd0qTaw0Rg8zkxG9b:OSXH4LX1f4u5iOD7RatppTyg8zk+nhUq
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/ebb6fad910c99d151b30733b624e8f7e555eb7de7caaa66d65b9e7114c433f56.exe
Files
-
41bce404371579a1e6db304042d2e72e.bin.zip
Password: infected
-
ebb6fad910c99d151b30733b624e8f7e555eb7de7caaa66d65b9e7114c433f56.exe.exe windows:4 windows x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ