Static task: static1
Behavioral task: behavioral1
Sample: ZBrush.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: ZBrush.exe
Resource: win10v2004-20231215-en
General
Target: ZBrush.exe
Size: 40.3MB
MD5: 517c22b1ea3a179c6bc3917b3ea1bac7
SHA1: ef282aacbf2ba51ad136556f4ae11a8f4ca0b3f8
SHA256: 317c09c5f9ce731372f3a1c5ece2f9b6a29c9d7dbac119798519a756c3e1b0e0
SHA512: ab3aee7fe136cc441e7918740a74644a0aeb35cd6b45e767f6e0203224d4c2d7bf82a6e619da0189fe66e2f10a34c75c5576cf0e6dadbfb7dead974d5c3f1455
SSDEEP: 786432:izwFNg/+QzsijaibWQimpadP0Hv81W73ADMkpkur+Qev6dhP6k2:i2NgWKnWaimEMHvK03ADrpBQk2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ZBrush.exe
Files
ZBrush.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.... Size: - Virtual size: 432.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.... Size: 40.2MB - Virtual size: 40.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE