Static task
static1
Behavioral task
behavioral1
Sample
f871f023c7864ce803def3b7ff3ddf709ce75f87cf9283a5ed81a3f51ab02d19.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
f871f023c7864ce803def3b7ff3ddf709ce75f87cf9283a5ed81a3f51ab02d19.dll
Resource
win10v2004-20231222-en
General
-
Target
aa2d29352302aa06cccb1651b2490e4c.bin
-
Size
449KB
-
MD5
d90701b16fe20d52b5e1c28cdecf3ce3
-
SHA1
0245f40d416a594f30d7612586572e09efd08da1
-
SHA256
66e18168009973ea1079d215cea3a3c52f9cb9077d7a4483cfc7b623c0ddd00f
-
SHA512
0e27694aa8f53f91d68e8fd9e514dc905ca61655fb7aeb2ecb0b24aea03f5eeacfee2cae8f16e0f0b63d58f821881bee04c2a8c1f5e2fcf8d3042376c97b97a9
-
SSDEEP
12288:ZTUeO89NAduLT8fAUFQxl82IYduDTpm8MSD0B4:ZTUo9qQ/84yQxl9uRPge
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/f871f023c7864ce803def3b7ff3ddf709ce75f87cf9283a5ed81a3f51ab02d19.dll
Files
-
aa2d29352302aa06cccb1651b2490e4c.bin.zip
Password: infected
-
f871f023c7864ce803def3b7ff3ddf709ce75f87cf9283a5ed81a3f51ab02d19.dll.dll windows:10 windows x86 arch:x86
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ