Static task
static1
Behavioral task
behavioral1
Sample
DekontParaTransferiBilgilendirmesi.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
DekontParaTransferiBilgilendirmesi.exe
Resource
win10v2004-20231201-en
General
-
Target
DekontParaTransferiBilgilendirmesi.exe
-
Size
721KB
-
MD5
4bcbd21fd84d7e8dc54aac25a98af859
-
SHA1
51e15f254ed48918481f5f41bf13827607b234e3
-
SHA256
b8896f83c476a5ed9b16d119b9d585e7f38a736330dde02a791dc299ebb64606
-
SHA512
1d730a30fcc98aeeb110641ff64f9b3b57c11e2b46ba343bbac6b34349ba504c00c015ceaf2141f76f987f0f515e5d918b1903a0b19ed20eff16e28314bd0f87
-
SSDEEP
12288:BF5nF8ME6jD/dIlOyAgJK7+wMisVjk61mhbJYiDmBUMdUk8PBL:BFPtD/2OjUi8kmmFdmuk85L
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource DekontParaTransferiBilgilendirmesi.exe
Files
-
DekontParaTransferiBilgilendirmesi.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 718KB - Virtual size: 717KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ