Behavioral task
behavioral1
Sample
484c77e2fbbe44f0edf0eb59e77b1e5a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
484c77e2fbbe44f0edf0eb59e77b1e5a.exe
Resource
win10v2004-20240226-en
General
-
Target
484c77e2fbbe44f0edf0eb59e77b1e5a.bin
-
Size
8.1MB
-
MD5
484c77e2fbbe44f0edf0eb59e77b1e5a
-
SHA1
e65b59a40e6cc861e88d4ebae1a753bfc89b92d4
-
SHA256
474805ace0e25200cf213d31a90444070ebdc68ac80841f3bcb414af0566da33
-
SHA512
51c5349e0b52d1c8e02b93ab079be41275ff76a41b6b404972eb696869e4ad704b434a92d5c94bf153794c12e3454d58b04bc75615132570afadf2b76b167923
-
SSDEEP
98304:9iy+j3/y+SE5USLbS3kkM+b25Iz9CSPv2qmxqboYhtRFXSYweFsWxVTqPkuUXqKX:srj3KuC0WeqHbokvXoeFv3qcMm
Malware Config
Signatures
-
Aurora family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 484c77e2fbbe44f0edf0eb59e77b1e5a.bin
Files
-
484c77e2fbbe44f0edf0eb59e77b1e5a.bin.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.MPRESS1 Size: 3.0MB - Virtual size: 8.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.MPRESS2 Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE