Static task
static1
Behavioral task
behavioral1
Sample
ca4f67cfea7c66c6a46c0a7ab0564260836aacd3bb50dde935672f1be920dbaf.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
ca4f67cfea7c66c6a46c0a7ab0564260836aacd3bb50dde935672f1be920dbaf.exe
Resource
win10v2004-20231127-en
General
Target
ca4f67cfea7c66c6a46c0a7ab0564260836aacd3bb50dde935672f1be920dbaf
Size
373KB
MD5
5e0108b8d42ce8169e28692e0f144b98
SHA1
292ece7e8e65348339bdd9c8fc1c2371f39a1b16
SHA256
ca4f67cfea7c66c6a46c0a7ab0564260836aacd3bb50dde935672f1be920dbaf
SHA512
217c5f05f044cab4288d8acedcdb7b2d9afcea6b68c9bccf80baed983e66164abd0e51de2245459da8ec2435a229e7d6735435d452123c5a0e5422975b4d8603
SSDEEP
6144:utStuRpDW2mzTcE8YedXudHL/SEOAzqI3dKWP6IkR9fTIlVmJCf5/YJg+lEjqJE:uktuR9W2wTcE8/dedrSKl3ws65VElVEC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource ca4f67cfea7c66c6a46c0a7ab0564260836aacd3bb50dde935672f1be920dbaf
Files
ca4f67cfea7c66c6a46c0a7ab0564260836aacd3bb50dde935672f1be920dbaf.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 360KB - Virtual size: 359KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ