Static task
static1
Behavioral task
behavioral1
Sample
91x238L9RRduvJF.exe
Resource
win7-20231130-en
Behavioral task
behavioral2
Sample
91x238L9RRduvJF.exe
Resource
win10v2004-20231201-en
General
-
Target
91x238L9RRduvJF.exe
-
Size
804KB
-
MD5
49b446341decd153c56637ef759c0612
-
SHA1
ce42d15a9ffd291c89a8810217b0f9ae7d6f85ce
-
SHA256
d3842fcfe3df7efedf048a12e97555a857b59a43c26308a47aced12a1edcc428
-
SHA512
6b4c90e5387b1e22f6dddd544fa36cfa39e8d3941a49640502ce01f085528270fe51b9a69e1f19f5ee21a1ca2073ce00a3c79904c6172659ede44613917debae
-
SSDEEP
12288:WRbKE6jD/62iNG5nF8BmMzeFjdrpAtKbG4O7Xx/cKT53n11Yu8j4b:WNKtD/61IGmTlpAH4M9cKTpwu
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 91x238L9RRduvJF.exe
Files
-
91x238L9RRduvJF.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 801KB - Virtual size: 800KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ