Static task
static1
Behavioral task
behavioral1
Sample
D3ccF8FfwAXrqsU.exe
Resource
win7-20231215-en
General
Target: 8b339a5e726368abe21ee9b43d96b47b
Size: 865KB
MD5: 8b339a5e726368abe21ee9b43d96b47b
SHA1: 85c377409456eb8239b271453072d8baaf226cb2
SHA256: e799f03398518b0c8ae8003d570dcee1a41cecdb77157efcc1057e983bff56e9
SHA512: c9e547d5493408c57e6d438305fe6b155b47c83f53542c39c436731d0be7d9b4467674b89c5da9bcab70616196aa37b638cc3de4755165ebb57a548f8ec9e9bc
SSDEEP: 24576:Qn4NLYhpmpnasBKhvW15icGHJA/rVqf1ZsGVf03:QnCYu4sBKw15L41r03
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack002/D3ccF8FfwAXrqsU.exe
Files
-
8b339a5e726368abe21ee9b43d96b47b.eml
-
http://www.alibinali.com
-
https://www.google.com/maps/place/Ali+Bin+Ali+Medical/@25.272738,51.544858,17z/data=!3m1!4b1!4m2!3m1!1s0x3e45c5649df6ff1f:0x7a18951bd0ab6022?hl=en
-
-
Business Introduction and Ordering Confirmation 2021.rar.rar
-
D3ccF8FfwAXrqsU.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 131KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
email-html-2.txt.html
-
email-plain-1.txt
-
image.png.png