Static task
static1
Behavioral task
behavioral1
Sample
specifications.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
specifications.exe
Resource
win10v2004-20231215-en
General
-
Target
f12073d1fe5de625e27e1e4001209cb02176472fbd0f3e5910299c6e5f361890
-
Size
342KB
-
MD5
5e2749dc1d0beed328f313b6737959fa
-
SHA1
9482b1677c117de076c2783806430e0cd351c743
-
SHA256
f12073d1fe5de625e27e1e4001209cb02176472fbd0f3e5910299c6e5f361890
-
SHA512
301a891c1b0219ab91ce16a5e13938c7d694cb42e2694af235d2881977ff0673484a4dc303f811d01b2427269259dcbdcefd8c974ee6721620c70c2ef36c5e96
-
SSDEEP
6144:m54L5P2cXDoA/zO+wDnxNGkiBhBgLds44Ky2x0Cx0YOKoKAtrgt:q4L5P2czXWL7EBga44KlWdaZtt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/specifications.exe
Files
-
f12073d1fe5de625e27e1e4001209cb02176472fbd0f3e5910299c6e5f361890.zip
-
specifications.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 423KB - Virtual size: 423KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ