Static task
static1
Behavioral task
behavioral1
Sample
80ead9d3f7fc0013a33442882cd6b1ddb65543207d4a225db729ebf5bcfedc96.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
80ead9d3f7fc0013a33442882cd6b1ddb65543207d4a225db729ebf5bcfedc96.exe
Resource
win10v2004-20231215-en
General
-
Target
80ead9d3f7fc0013a33442882cd6b1ddb65543207d4a225db729ebf5bcfedc96.exe.zip
-
Size
603KB
-
MD5
1f5f88d56cb66abb0157a30c8a6aec47
-
SHA1
d81715224c5bbb3cc57c27fc61ca18c267a73c52
-
SHA256
d5830f8d7c12c0107a8dab8b85f8ce2e9cee269a2eb39215340333b11f22dbb5
-
SHA512
1f23f09565de91ffbf527b1ad30894f39e3981fdbc89df922ca610dd634b74e61e1f45b3a9a5cea48984fa6de2714e85cde3a37d72c74aa6497193eaa395a77e
-
SSDEEP
12288:K15z5BdEEElrcB2gFL0GxNNp5ALgjMxxqyBgwvcpCsrd27ORTY:KXtEEElwlFgGTNAk6qcbv207ORTY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/80ead9d3f7fc0013a33442882cd6b1ddb65543207d4a225db729ebf5bcfedc96.exe
Files
-
80ead9d3f7fc0013a33442882cd6b1ddb65543207d4a225db729ebf5bcfedc96.exe.zip.zip
Password: infected
-
80ead9d3f7fc0013a33442882cd6b1ddb65543207d4a225db729ebf5bcfedc96.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 938KB - Virtual size: 938KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ