Static task
static1
General
-
Target
Arsenic.exe
-
Size
12.8MB
-
MD5
265fbd75ed7017cca3afbcd18598ef24
-
SHA1
8a950621157778f0ef8c25c5d8d0bf9cedc0fa2b
-
SHA256
60e6f59031e28817a048f20bb06ec97638fa3ed189bf024742800f9066db0cb1
-
SHA512
83906285cf136b594fe571f52b3b35e48fc6e2b7e5244b9c1c471f230ec30d752d54c00f54467258b2714ce3b3035ad16a896f875bbeffbe60376298e8e74c6e
-
SSDEEP
196608:FUFS2Macs3JgSOown5nJPJOamu7CcUG4raKu24YY7HVT4hV0AD6QgqKRgX:Gs2rcsLOownDEuYmKr4YYH+EUWpgX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Arsenic.exe
Files
-
Arsenic.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 12.7MB - Virtual size: 12.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 110KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ