Static task: static1
Behavioral task: behavioral1
Sample: Vessels details.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: Vessels details.exe
Resource: win10v2004-20231020-en
General
Target: aedd4f72fbf47730d604f6923ece737d.bin
Size: 299KB
MD5: aedd4f72fbf47730d604f6923ece737d
SHA1: 56d94fa9ede964901532f9abe2e9a9badc55e48d
SHA256: c839949bc2ef0120313e192d7d13d39fae8fbf993edf477ca2aa074f745709ec
SHA512: 528115da6ae5567ac7033390a903f23725af1f7f440fac6d4a11226a72f5355578d5bf7bd516f180fc8eb8a59eb6fe463dc1c655a56d5806b348bc71352c40ab
SSDEEP: 6144:E7i7/EQGESYXT5hbq/Rqr2Z9rv6il5R17+y+NzKJx6vZy9Gy0:E7Aj3q/koyilR+ykoGy0
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource unpack001/Vessels details.exe
Files
aedd4f72fbf47730d604f6923ece737d.bin.zip
Password: infected
Vessels details.exe.exe windows:4 windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 372KB - Virtual size: 371KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ