Behavioral task
behavioral1
Sample
423ed13c6b20c60c45e2e72da11c03c6.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
423ed13c6b20c60c45e2e72da11c03c6.exe
Resource
win10v2004-20231222-en
General
-
Target
423ed13c6b20c60c45e2e72da11c03c6
-
Size
98KB
-
MD5
423ed13c6b20c60c45e2e72da11c03c6
-
SHA1
3f35fdd4756a5e4cd170c5ab028b36b7fe2417de
-
SHA256
e4ce0de5ea6786d8046c1cddaae8130a67eb06da620ba0edc52bfd93ea6bb67e
-
SHA512
d77569ea3061a073622d17bde0d4adc1cbf5b530d34327edd4dc526a6c55806b8973ba15de7fd8922fc48b900cc01a6abf291794724ab0392fd1089c515cf2e6
-
SSDEEP
1536:h3LNmoc20HVdXKn6EixyJFasmbfexv2uvUyytdg58bqCxXsEWG6ijoiga:hxmoclAJkhg2ucysdQSnl
Malware Config
Extracted
redline
PLAYMESSAGE
188.119.112.51:50115
Signatures
Files
-
423ed13c6b20c60c45e2e72da11c03c6.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 94KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ