Static task
static1
Behavioral task
behavioral1
Sample
ccc.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
ccc.exe
Resource
win10v2004-20231130-en
General
-
Target
BL copy.zip
-
Size
690KB
-
MD5
18eb11b7d5bcd114e1f4232322148107
-
SHA1
74368632616c09542a2d9d52576d649a5006ef45
-
SHA256
cfcaa86b82ccc8a8f2ba738e1411862316c945de73d22ccc72bbce99b8aa192c
-
SHA512
6945a2595e544582b67f6f9d188ef1c0ddec1ba10eb3a6eedbcb2ec1ef4d23c863fa2802e434a447b79f28ac0fc3a2627d0952a6c59ce7774d532879e6106f52
-
SSDEEP
12288:pGA9i03rrTNY/NfSLGyj30kNUjJ88976Mc1+w5WNc1pHJ1hbsYPq:pM03rPNFLGkNmC899frNoppbi
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/ccc.exe
Files
-
BL copy.zip.zip
-
ccc.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 797KB - Virtual size: 796KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ