Static task
static1
Behavioral task
behavioral1
Sample
a79b1f114580faa92faeb2e6bcd6dea0dfa24f28abdacb227f18cd4b16a27a92.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
a79b1f114580faa92faeb2e6bcd6dea0dfa24f28abdacb227f18cd4b16a27a92.exe
Resource
win10v2004-20231130-en
General
-
Target
a79b1f114580faa92faeb2e6bcd6dea0dfa24f28abdacb227f18cd4b16a27a92
-
Size
632KB
-
MD5
bdf17bc9572ea9688f7197170c9e8ba5
-
SHA1
51b46673afb0cc49ef3159c2f6b026832b4ceeef
-
SHA256
a79b1f114580faa92faeb2e6bcd6dea0dfa24f28abdacb227f18cd4b16a27a92
-
SHA512
42217e461b74b96805b8a0cfb4733dca210485dfdc6f44bf578ccd50d16ced83e2a0ba0bda3426671b51368d9508f7fa397653c5db4881cf76adcc39566f82eb
-
SSDEEP
12288:645+po2mrMbymdO0XIgEPtYz5w62FEASUjJq4tiNF/3M3Guc817:Z+pJrrdO04gwtYz5wrF4UjY48NF/Tuc8
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource a79b1f114580faa92faeb2e6bcd6dea0dfa24f28abdacb227f18cd4b16a27a92
Files
-
a79b1f114580faa92faeb2e6bcd6dea0dfa24f28abdacb227f18cd4b16a27a92.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 624KB - Virtual size: 623KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ