Static task
static1
Behavioral task
behavioral1
Sample
2cdcc1d29030507ba28587a131f8b98b8c2ae4834524b5e1b584937ce0527ef6.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
2cdcc1d29030507ba28587a131f8b98b8c2ae4834524b5e1b584937ce0527ef6.exe
Resource
win10v2004-20231127-en
General
-
Target
2cdcc1d29030507ba28587a131f8b98b8c2ae4834524b5e1b584937ce0527ef6
-
Size
428KB
-
MD5
9ab42dab7f35c8d542ad44e9e6c0f0ca
-
SHA1
a6f0aa4fd5141c92cb506a77b1c3604c7a60d608
-
SHA256
2cdcc1d29030507ba28587a131f8b98b8c2ae4834524b5e1b584937ce0527ef6
-
SHA512
fe7ca1ace6cbd1a410fc96d3f92e19a53f0d7b46cfe458ab076b2fd59704e7a1d72833526a78b1c5a469e961f5735b8874c00fdaf11fa097a8e99db55f5661d8
-
SSDEEP
6144:Q7XEhgANGThYl152Jnu9u95ik0uZWRQ6uX7Ee/AnBDxq6Tlv2222+v8WEjeNplzQ:thgANZl1SuMLikaI7TIxq6c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 2cdcc1d29030507ba28587a131f8b98b8c2ae4834524b5e1b584937ce0527ef6
Files
-
2cdcc1d29030507ba28587a131f8b98b8c2ae4834524b5e1b584937ce0527ef6.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 290KB - Virtual size: 289KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 137KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ