Static task
static1
Behavioral task
behavioral1
Sample
audit_XINHAITONG22_1004738_1_2023092210.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
audit_XINHAITONG22_1004738_1_2023092210.exe
Resource
win10v2004-20231130-en
General
-
Target
a49525ba0e820d5685d484e24432f8267caa136f587238615cd06b553e8a3b45
-
Size
672KB
-
MD5
0918d84cfc3b937476763874f31ac07e
-
SHA1
8477f60ea32eeae52102b295cb6b0a931b8bdaaf
-
SHA256
a49525ba0e820d5685d484e24432f8267caa136f587238615cd06b553e8a3b45
-
SHA512
e6aa6ced9d25448acf9f572a33dd036457229d59140786891e035a6d2b0af66b2f54d58e8b5233ed846c6bb6aa634b7dadbcc26f68f05b7a49682de5dac49da3
-
SSDEEP
12288:E0QEmt907+yqroeKFOb8B5XlbO45fh7j2sUhzo1w40EI0A4JN6QNGDTs:E0QEmvPVRiOb8BDF5fhaVoy40EIl4fNd
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/audit_XINHAITONG22_1004738_1_2023092210.exe
Files
-
a49525ba0e820d5685d484e24432f8267caa136f587238615cd06b553e8a3b45.zip
-
audit_XINHAITONG22_1004738_1_2023092210.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 688KB - Virtual size: 687KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ