Static task
static1
Behavioral task
behavioral1
Sample
PR6000570.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
PR6000570.exe
Resource
win10v2004-20231130-en
General
-
Target
PR6000570.exe
-
Size
687KB
-
MD5
77f9482eebf5738fa5794c156d521179
-
SHA1
27412eb4675c9cbcc09e309b30667bfe724276a2
-
SHA256
1868580d2be029a52f049250e2db5d3e54f300bd8004a14f54398be123aaa478
-
SHA512
5ebb5e4e07a1d88daf6e4ea8aab6d8dab9ae84d39e3a4a1d95a17970027a66405e599c0e36e91811f925a298b67006d9f3b2eeb3a0f61e0940a857640b5647ad
-
SSDEEP
12288:IRKE6jD/62iNG5nF88DhobDdfqSgtf6orWVEOeRdWqfK94S7n7hNu:IRKtD/61I5ho35qB6orjREN
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource PR6000570.exe
Files
-
PR6000570.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 684KB - Virtual size: 684KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ