Static task
static1
Behavioral task
behavioral1
Sample
GooseDesktop.exe
Resource
macos-20220504-en
General
-
Target
GooseDesktop.exe
-
Size
221KB
-
MD5
c883e2c769ebe56240a71260b17f1b93
-
SHA1
4a831d4f48f6ea81db508c2a87cf860acd17edb1
-
SHA256
943fd1ea44266c5d7fa02f2b292db095a4e6ba8027a1f6c73fd60d1165e63aff
-
SHA512
dae40d442794152285ce484b10095d11592a39cb1968bd38cc70ee23005bd1e04ad4312d7266107bdd375e10fa91ab9fd3d41d4d6ccd2268d052b343528c4376
-
SSDEEP
3072:gzebbi+ndU/n6u4WhGINz6tFvaxWt5H3ANdl3Mn4bqwyW13B26wqIl9nNwo3WdZj:gzQU/n6unYCW74bqwye3ijlDwocZ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource GooseDesktop.exe
Files
-
GooseDesktop.exe.exe windows:4 windows x86 arch:x86
Password: goosie
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 194KB - Virtual size: 193KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ