Static task
static1
Behavioral task
behavioral1
Sample
PO#202312.exe
Resource
win7-20231020-en
General
-
Target
PO#202312.zip
-
Size
630KB
-
MD5
81079114169c3dc1157888168cd88c82
-
SHA1
2b83664fa2af21b27d6e547200c774e33bfeda89
-
SHA256
79c876d02fe3cbb401a8862883da6c028ab59ddab08d442f81ed1c1ac735ad57
-
SHA512
296971840ccd983eaff0e20e0afd8898e5814de5c96f09ba4b037af5adffef7a63da9e52fe81489ce9fb24a7055db4d9413c617e068b32fab73b4328f73da84d
-
SSDEEP
12288:QGC8+be6/3YOxozSso6nYMfbW39WWN3gDWH/tIfUWi2ZNRT5xaduCWz0p:VCHq/Ox8o6npzpEgDE/tIfU8nMduCEW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/PO#202312.exe
Files
-
PO#202312.zip.zip
-
PO#202312.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 646KB - Virtual size: 645KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ