Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.PWSX-gen.19071.exe
Resource
win7-20231130-en
General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.19071.29210
-
Size
663KB
-
MD5
ffe2ddbe2537808b1624d03a4022d9c9
-
SHA1
7474c0969e4964cd4b637dc8bd6a1ac3b059ab1b
-
SHA256
6c2f5afa91ac37f222db8a2055e183efc732e08596f9e4cb664d0453ac5c8f3c
-
SHA512
9f4cc453010b576833e7f77b94d64abbbfc70f1ef2d0805e475c74e1f4910b6694d42f50fb28646170cf86260d48dda29ab142ca81675c7fe66520657acdc036
-
SSDEEP
12288:5JG8+4WpAEdy73wnXhlVIOgDSjyqMBbGm1jz4MUrHc1AL4N0s+:ApAEE8xJgDS+qMhGYTUme
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource SecuriteInfo.com.Win32.PWSX-gen.19071.29210
Files
-
SecuriteInfo.com.Win32.PWSX-gen.19071.29210.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 647KB - Virtual size: 646KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ