Static task
static1
Behavioral task
behavioral1
Sample
REMITTAN.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
REMITTAN.exe
Resource
win10v2004-20231127-en
General
-
Target
9f2803110567135a2498da26df47f89c6aee074c02454a4dc7fbda445bca02f6
-
Size
1.2MB
-
MD5
dc3629c689f780b0330d0f735744a963
-
SHA1
08bb20ee11c5e912a2b4d8e52400cf929c241696
-
SHA256
9f2803110567135a2498da26df47f89c6aee074c02454a4dc7fbda445bca02f6
-
SHA512
b406b51b5569aad5c891cdb3dcab68af66e87dc3efb0dc4751ab55d1e9bb6edb9b50e139a380dc23b7e1f1274ca4cc665ae9b45332e748c22a5cd49c9e57d29c
-
SSDEEP
12288:GA5nF8ME6jD/JtIZbg9wvaCZ7DJmplbk9Kp73U2w8IADhncWPh1CFhL4Olij:GAPtD/gZKaBDugo93PNDhncYh1CFhM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/REMITTAN.EXE
Files
-
9f2803110567135a2498da26df47f89c6aee074c02454a4dc7fbda445bca02f6.iso
-
REMITTAN.EXE.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 718KB - Virtual size: 718KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ