Static task
static1
Behavioral task
behavioral1
Sample
72f5f9230c025a393d1362241679fd0dd5c48b7e3786591f35b3f74eccf53978.exe
Resource
win7-20231215-en
General
Target: c185fbe98786544b6f15036ba2ab7318.bin
Size: 1.1MB
MD5: 29771b689903b3193625939b30952b7b
SHA1: 1f12cf0413bc3634047f08680d688aa4d0fc7c14
SHA256: 6823d41fc053e26eb1f5728c307aec14226c46febea64a40a0feab46335f80a0
SHA512: 0cb1624d6dcde4b01a27e5a36db2bfc9c9d5bb2701f0b786374c742b60c084709325c8449a5fd2db2afd0d31f788cab23dac29e2570100349da591212223e94f
SSDEEP: 24576:6xDUy5KYMZVw2r8WPwOgLmAh6a5BmbilpsNml2zY:6x4ySVxnPcLJjqNml28
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/72f5f9230c025a393d1362241679fd0dd5c48b7e3786591f35b3f74eccf53978.exe
Files
c185fbe98786544b6f15036ba2ab7318.bin.zip
Password: infected
72f5f9230c025a393d1362241679fd0dd5c48b7e3786591f35b3f74eccf53978.exe.exe windows:4 windows x64 arch:x64
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ