Static task
static1
Behavioral task
behavioral1
Sample
PRE ALERT NOTICE.exe
Resource
win7-20231023-en
General
-
Target
PRE ALERT NOTICE.zip
-
Size
630KB
-
MD5
56f259a2768f693e642ec56a177ad82d
-
SHA1
be3b12ae6374791211f0cb36130d4b23a9869795
-
SHA256
e13b5c76e67e9bc7d731f4a36fa0b9b15c661bac4f35f8bc92e7c61a526f4811
-
SHA512
ba075c1809a9c1f66638fa4587815a12abb13257b0680d6a878161bdb26272eabbb37c1e5faba4404c4acb63d8c2df9489231a34c9efaca9257fd2d4edd136cd
-
SSDEEP
12288:eGC8+be6/3YOxozSso6nYMfbW39WWN3gDWH/tIfUWi2ZNRT5xaduCWz08:XCHq/Ox8o6npzpEgDE/tIfU8nMduCEB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/PRE ALERT NOTICE.exe
Files
-
PRE ALERT NOTICE.zip.zip
-
PRE ALERT NOTICE.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 646KB - Virtual size: 645KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ