Static task
static1
Behavioral task
behavioral1
Sample
rNCaukpK3Tw9M9Vl.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
rNCaukpK3Tw9M9Vl.exe
Resource
win10v2004-20231215-en
General
-
Target
rNCaukpK3Tw9M9Vl.exe
-
Size
675KB
-
MD5
acfe350dce2aafe85c835cdbbf7f5e95
-
SHA1
3af1ab824c6b5c6fff5195e12be8ec012297f7fb
-
SHA256
f3c7eadcb4f33542faae5f0640201d8c11df0121b9baf26320f2bc4ca2a8ae0d
-
SHA512
a1d62f7f9d98ab3c2c1004fddfb116427cb4561a0afaab05d57747f24035f1f2d79cf1a0a38745d952615df200e63ddb083ad852459fb627f551cd46de5114e6
-
SSDEEP
12288:4YLeQ5vzi0MTTEGhwbNfWuxvXFIs6FcAVNHMJhjB96QJJfnKRxZwH:xri0yvhwbNeux/ys6+ALELXnqU
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource rNCaukpK3Tw9M9Vl.exe
Files
-
rNCaukpK3Tw9M9Vl.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 673KB - Virtual size: 672KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ