Static task
static1
Behavioral task
behavioral1
Sample
dcbddff42e50fade6b316fdc7318a4bd625ce6aee2fabd2e51c2b41d81496622.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
dcbddff42e50fade6b316fdc7318a4bd625ce6aee2fabd2e51c2b41d81496622.exe
Resource
win10v2004-20231130-en
General
-
Target
dcbddff42e50fade6b316fdc7318a4bd625ce6aee2fabd2e51c2b41d81496622
-
Size
693KB
-
MD5
b918aa89a363f91295ee9999b77d65f9
-
SHA1
8227eafe3186f49bef2b63d2c32bd3b1c50e11c0
-
SHA256
dcbddff42e50fade6b316fdc7318a4bd625ce6aee2fabd2e51c2b41d81496622
-
SHA512
9474577101f3f516e05a1c64b3b31500bf5f6343d9a47b913e240db8999bd5a09305fe58e152bab50f672860db807f417c2e7d7f9dffdc648841b2602847a5c6
-
SSDEEP
12288:XueH5qp5ImjiCLAj4b+lH7xUuQiePh3dQuKGcteTr4eN:FqAuDjb+Pf6hFKGAh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource dcbddff42e50fade6b316fdc7318a4bd625ce6aee2fabd2e51c2b41d81496622
Files
-
dcbddff42e50fade6b316fdc7318a4bd625ce6aee2fabd2e51c2b41d81496622.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 690KB - Virtual size: 689KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ