Static task
static1
Behavioral task
behavioral1
Sample
l81rhzIPTizNWD6pnZPRSFEDal16Xy1T.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
l81rhzIPTizNWD6pnZPRSFEDal16Xy1T.exe
Resource
win10v2004-20231222-en
General
-
Target
l81rhzIPTizNWD6pnZPRSFEDal16Xy1T
-
Size
13.4MB
-
MD5
6e08d023664e3f4e835ec3ec198b883a
-
SHA1
43f2f3321a51f1ca308af891d2e1dbaaee48b045
-
SHA256
791cb146ce71d27b52dd233a80f5ac4e63f69d49af07a53850954da93ff439ad
-
SHA512
41d44ed76ecda43eab891a2e07cb43481478c39797e44ed017654a8bca346b90bfcf4f444532d8e9765173c2e9b26d5f524fe42ec9a7830230fedbe21f9e0ec1
-
SSDEEP
12288:bu5DqC9/n1D0jAV8eCeoIl1TroJMExsi+vakV7tbQ3KtwU:buDXVsUThTFyJm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource l81rhzIPTizNWD6pnZPRSFEDal16Xy1T
Files
-
l81rhzIPTizNWD6pnZPRSFEDal16Xy1T.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 432KB - Virtual size: 431KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ