Static task
static1
Behavioral task
behavioral1
Sample
37be0861185e25e87d406031c55583d99260be44b6fe929a912aca4573d5ac5a.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
37be0861185e25e87d406031c55583d99260be44b6fe929a912aca4573d5ac5a.exe
Resource
win10v2004-20231215-en
General
-
Target
239eb6c56f0d54c11ddf2a826e4d6b73.bin
-
Size
4.0MB
-
MD5
468242b735a9aa8ab835a13324c6e882
-
SHA1
c1b733073b349285008fc13f44511589f3d67da1
-
SHA256
45aa9864de2122db4a5390da688bb7d0c6da02537540c1b5429f7fce23e2ca45
-
SHA512
64cd538ccac6f2bae78d30dbf12b0de0bed9ced46f4c43309db182acca0163efdb26d6c9c0d755799950b57b82607dc90fbf4903d1c5c50ab8ebc243e71c5ba6
-
SSDEEP
98304:wthKIBKmOnA4dm/we8Obv/9C3HhL9ZwMq3lCAopCCr0mcqf:Kh2BHs/whObXoHjZwZCAogqt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/37be0861185e25e87d406031c55583d99260be44b6fe929a912aca4573d5ac5a.exe
Files
-
239eb6c56f0d54c11ddf2a826e4d6b73.bin.zip
Password: infected
-
37be0861185e25e87d406031c55583d99260be44b6fe929a912aca4573d5ac5a.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 6.6MB - Virtual size: 6.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 147KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ