Static task
static1
Behavioral task
behavioral1
Sample
496bfb62aa9388f5da83fa5323669071.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
496bfb62aa9388f5da83fa5323669071.exe
Resource
win10v2004-20231215-en
General
-
Target
496bfb62aa9388f5da83fa5323669071
-
Size
2.5MB
-
MD5
496bfb62aa9388f5da83fa5323669071
-
SHA1
f67edee42833c5098172a5ef7c739ce58cad1df6
-
SHA256
d4b9a31a3142f08e7899330ed94e9fd814bd032f288d2ec1ea897a0613a925ce
-
SHA512
40896659f24c642ad7391fcda37609bec01928200e2630a2671eb6955794f77d0d5694a79e45565a3012edf9756e0c7a4260823deea67d27aa76631a02912711
-
SSDEEP
49152:SqxNm7JM84phmUi6AjW/MUSdGRf3/L35DMnCIjtAy:fNm7+fKjxAZW55
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 496bfb62aa9388f5da83fa5323669071
Files
-
496bfb62aa9388f5da83fa5323669071.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 324B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ