Static task: static1
Behavioral task: behavioral1
Sample: 21a174a42902e4e830e224ea8943c76f1a0730edafa280a99b09b5597c96af95.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 21a174a42902e4e830e224ea8943c76f1a0730edafa280a99b09b5597c96af95.exe
Resource: win10v2004-20231215-en
General
Target: 185eb9ebbb379bf2b5dd37e5ed92eee1.bin
Size: 307KB
MD5: 63ccc6ab63640428f7f1711c58f65e3c
SHA1: 91bafd7766dc012b4f2aace7a9edf15278556519
SHA256: 6712664df402066332841e2a18d6d846a5ff23c5a4f78e3cf1b0d1ed74939618
SHA512: 278ff88f5b49cb22a2c9adeb82630e10ca628a4c92ac41284703227a1454f4ad7fe3fe2005d82d9476ddd3f8beacbc781052d118b02e592a9477c5bcbed77920
SSDEEP: 6144:tc7ADngQCF0Dyohl6JyNGur5dUDDRCTU7/8OY4EYwcTIfxbKjPtH:tc7AjgQMiThl6JWH1dYtCTU4OYq/Ifxe
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/21a174a42902e4e830e224ea8943c76f1a0730edafa280a99b09b5597c96af95.exe
Files
-
185eb9ebbb379bf2b5dd37e5ed92eee1.bin.zip
Password: infected
-
21a174a42902e4e830e224ea8943c76f1a0730edafa280a99b09b5597c96af95.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 432KB - Virtual size: 431KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 117KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ