Static task
static1
Behavioral task
behavioral1
Sample
59494a51618f234021c0dae2d87667ce9e431b8a75a1b4952d3e48bf71492fbb.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
59494a51618f234021c0dae2d87667ce9e431b8a75a1b4952d3e48bf71492fbb.exe
Resource
win10v2004-20231127-en
General
Target: 59494a51618f234021c0dae2d87667ce9e431b8a75a1b4952d3e48bf71492fbb.zip
Size: 830KB
MD5: 0df72c8341653da7ffa5fe7a2f3cc4d7
SHA1: 0fdeaff6ea5103feb37a303f661cd5ad4457d78d
SHA256: 26b50a4bab3006b3d5212c684309a83c0cafe86470b8df34dba46072fff84db7
SHA512: 5d4078f7179f6b0055f8c20b4dd53dd459b8eba5ded72ebb6a4e49e968d5c11a14ca18bb0e45c6bbb24b237bfb8e6cc7898c6d82331bc4ee7ad07798685fa902
SSDEEP: 24576:vyRpLfW/sSLPBGtjR/lYJUGrvwKvZByvUBFUBf:4jSsOPBGbGMKvZqLf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/59494a51618f234021c0dae2d87667ce9e431b8a75a1b4952d3e48bf71492fbb.exe
Files
59494a51618f234021c0dae2d87667ce9e431b8a75a1b4952d3e48bf71492fbb.zip.zip
Password: infected
59494a51618f234021c0dae2d87667ce9e431b8a75a1b4952d3e48bf71492fbb.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ