Static task
static1
Behavioral task
behavioral1
Sample
wqDwSbGtMaDIJeV.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
wqDwSbGtMaDIJeV.exe
Resource
win10v2004-20231023-en
General
-
Target
532b89aada5bc65610318c34dc9ed43ee8ee6b2e31e32995249192370f0f8ee9
-
Size
742KB
-
MD5
c5ec5eb4559f3b70ee531eeee81e9552
-
SHA1
a9c50ba9473a14064a5bb0e6703609c32c1171af
-
SHA256
532b89aada5bc65610318c34dc9ed43ee8ee6b2e31e32995249192370f0f8ee9
-
SHA512
fadf78f5423e73f696201492d590667ce7accd366bc30157964322d4da1d25267a096d70cdda8f31de9769f8eb991254703ed31ab18a968f9c0c3175c62bbc95
-
SSDEEP
12288:CweQZS9AK4QWsGyKFyQX0ed4AkOa7CK5eT7poKHYiGsncgGqkSK9vrGobKterC:n09XWPyKFt4Ah+p87qKHYicPSK9vrGoU
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/wqDwSbGtMaDIJeV.exe
Files
-
532b89aada5bc65610318c34dc9ed43ee8ee6b2e31e32995249192370f0f8ee9.rar
-
wqDwSbGtMaDIJeV.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 830KB - Virtual size: 829KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ