Static task
static1
Behavioral task
behavioral1
Sample
money.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
money.exe
Resource
win10v2004-20231215-en
General
-
Target
a86160026f407d180e3a03f298e7d14a4f7ede83c13f76b1446bd46abfa14465
-
Size
586KB
-
MD5
17be0430ad49bae883d8c95bf844201b
-
SHA1
44ab7e8af68edbd72bce3f639a24056e69bebee0
-
SHA256
a86160026f407d180e3a03f298e7d14a4f7ede83c13f76b1446bd46abfa14465
-
SHA512
20452906c94e1805009d428230baf5e93b7bf2d909697ad653838b0e0bf9a7726d696f2a2b1249f54fa6137f9cd99839cb81f82da6ff0641a2a3993f95d04a08
-
SSDEEP
12288:hWggK7v5CUNzjxWmxQaT9FtzmxVuHVumIzAigW/tKpSkG0RweMcPM:h9vcUNz5PteVu1uNZgSPkG0WeLM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/money.exe
Files
-
a86160026f407d180e3a03f298e7d14a4f7ede83c13f76b1446bd46abfa14465.zip
-
money.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 628KB - Virtual size: 628KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ