Static task
static1
Behavioral task
behavioral1
Sample
Dekont.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
Dekont.exe
Resource
win10v2004-20231127-en
General
-
Target
1AA6CE84E6ECC2E3ED2A9B3F6267C215AAFFEC748D7F644818F472BF8E784BF6
-
Size
342KB
-
MD5
bc32e5fcee40fb3822115574adf3664f
-
SHA1
172e3f3da5153b005e2c2beccced4caf9d28746c
-
SHA256
1aa6ce84e6ecc2e3ed2a9b3f6267c215aaffec748d7f644818f472bf8e784bf6
-
SHA512
7783b8464e5d27d1feb21acc5b6815c3eaa9b3c8181d6a08d5ef8042d44c8366dbc780a42eee168ae9f0d9798077d1ae41f95d59d6e3179c6a02530707c91a99
-
SSDEEP
6144:vg3pJnVZega60xUBij0b4FQwruWCOjnG2eEgT5QmV/Sil6:YZJnMiBuFQxfUG2eEgKm1w
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Dekont.exe
Files
-
1AA6CE84E6ECC2E3ED2A9B3F6267C215AAFFEC748D7F644818F472BF8E784BF6.rar
-
Dekont.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 358KB - Virtual size: 357KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ