Static task: static1
Behavioral task: behavioral1
Sample: f3e891a2a39dd948cd85e1c8335a83e640d0987dbd48c16001a02f6b7c1733ae.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: f3e891a2a39dd948cd85e1c8335a83e640d0987dbd48c16001a02f6b7c1733ae.exe
Resource: win10v2004-20231215-en
General
Target: f3e891a2a39dd948cd85e1c8335a83e640d0987dbd48c16001a02f6b7c1733ae.7z
Size: 233KB
MD5: a309dce5b991bde13b4fe0770f5f3860
SHA1: 7e0e1606cfebf5b679e45049670752ee9fed1fa0
SHA256: 91c614d4868abe9c71d77aa77e881851dec34524afff8cad20bdb2087e58433d
SHA512: 7935779ea1c029c7632097737770cf3f279dd4dc2041b81b407ff190396f9300591182560a42d23d09c22ab11941619dd93b127cf013e36a54d22d4f67755e5a
SSDEEP: 6144:8gt4IaaDrutt3ELM8o+KDkybQXP1pwdXSWy3gRQvu:1paaDqt6LMD+K2LwdXVAu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/f3e891a2a39dd948cd85e1c8335a83e640d0987dbd48c16001a02f6b7c1733ae
Files
f3e891a2a39dd948cd85e1c8335a83e640d0987dbd48c16001a02f6b7c1733ae.7z.7z
Password: infected
f3e891a2a39dd948cd85e1c8335a83e640d0987dbd48c16001a02f6b7c1733ae.exe windows:5 windows x86 arch:x86
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 804KB - Virtual size: 803KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 57KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE