Static task
static1
Behavioral task
behavioral1
Sample
c73bb19710439d291c7c21e3632ca7122fc85c14b0eecaaaeeda92daf5a833ae.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
c73bb19710439d291c7c21e3632ca7122fc85c14b0eecaaaeeda92daf5a833ae.exe
Resource
win10v2004-20231215-en
General
-
Target
1eda2450c248fcaa44aa2f112d1410f3.bin
-
Size
3.9MB
-
MD5
8f549d1b82af53640ac3fd021eea8aa5
-
SHA1
360cb537ba95e2605422c0c33548b9db11e0e3c3
-
SHA256
40e33ee3a3def63b3f4fdaa5f2bdc94a503b9a45871d51682b3402f76d93a1e0
-
SHA512
0a75ced054613bb0453cbd6ddd6cf5f7baee9d7df42c735fa0697dec93e628c64f52aba73a973d3aeb2682765c345c09868c8045197e41d5d6b3fe18876b707d
-
SSDEEP
98304:9KYKW8vk7jIl6CUg1D8gfzjDuGIQisthwhbCtXw7BF5XHK:9fh8vcfCUg9XDS4hkbfFFHK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/c73bb19710439d291c7c21e3632ca7122fc85c14b0eecaaaeeda92daf5a833ae.exe
Files
-
1eda2450c248fcaa44aa2f112d1410f3.bin.zip
Password: infected
-
c73bb19710439d291c7c21e3632ca7122fc85c14b0eecaaaeeda92daf5a833ae.exe.exe windows:1 windows x86 arch:x86
Password: infected
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.clam01 Size: 7.2MB - Virtual size: 7.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE