Static task
static1
Behavioral task
behavioral1
Sample
45bdc1b6250045529b8332c7fcca84f7215c66de929b2ae7a10be86fee2924c5.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
45bdc1b6250045529b8332c7fcca84f7215c66de929b2ae7a10be86fee2924c5.exe
Resource
win10v2004-20240226-en
General
-
Target
c162b87e2f415151fa28e048cf2a8220.bin
-
Size
648KB
-
MD5
bd113238af922f2416c4a20bb6a69b77
-
SHA1
ff7c1cc7f2c6d327deb7cd754ec1e212324e4804
-
SHA256
4d738066a9e021887acb0c329f6c42040bffdd9b18916cc30a2a9d3b3403942f
-
SHA512
94514b0c3c21dcb774029b17639cedbb157b5cee7d43b8fbdba398135ef07fd0e223c88832ab148d65deb7a2523e79cd4e726f23272ddf4abba1a358f3205a3f
-
SSDEEP
12288:Q4cKEITj5fLvlWhm1Ee6t7/e02dTBMb3q812xAxy9W:QfjIT9fLJEB/wTBca8126xIW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/45bdc1b6250045529b8332c7fcca84f7215c66de929b2ae7a10be86fee2924c5.exe
Files
-
c162b87e2f415151fa28e048cf2a8220.bin.zip
Password: infected
-
45bdc1b6250045529b8332c7fcca84f7215c66de929b2ae7a10be86fee2924c5.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 633KB - Virtual size: 633KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 219KB - Virtual size: 218KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ