Static task
static1
Behavioral task
behavioral1
Sample
c608bad13d771ab0513dda4d2a74308e.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c608bad13d771ab0513dda4d2a74308e.exe
Resource
win10v2004-20240226-en
General
-
Target
c608bad13d771ab0513dda4d2a74308e
-
Size
987KB
-
MD5
c608bad13d771ab0513dda4d2a74308e
-
SHA1
28c6a35084e0c1c8baeccd3b152e271ebd4b8613
-
SHA256
04898b092fa8d5ba20f679d63c489d261a1c33a15968799ef75b88e465480f26
-
SHA512
52e28f28076776e4264ec3ac20e6bf36df47b520feabad574eb235f65f79c0052a2d237206182169c54a14884bd5ce79ab91383caa66de678e5f264ae59a012c
-
SSDEEP
12288:CVAhmq89eAtZ0vZZuyGAM6YlDHV8F1FCBVRjxcmoG8NaZWXVpytUNWqSeGDsWv/o:PhCrrUuyGbQFuHxloG8NaZWF0YoyB
Malware Config
Signatures
Files
-
c608bad13d771ab0513dda4d2a74308e.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
Certificate
IssuerCN=www.Marketing.com,OU=Marketing,O=Marketing.com,L=Orlando,ST=Calfi,C=us,1.2.840.113549.1.9.1=#0c15636f6e74616374404d61726b6574696e672e636f6dNot Before13/07/2015, 01:49Not After12/07/2016, 01:49SubjectCN=www.Marketing.com,OU=Marketing,O=Marketing.com,L=Orlando,ST=Calfi,C=us,1.2.840.113549.1.9.1=#0c15636f6e74616374404d61726b6574696e672e636f6d5e:c5:3d:96:bc:0d:7e:0e:89:db:89:82:3b:60:ea:41:22:cb:59:a4Signer
Actual PE Digest5e:c5:3d:96:bc:0d:7e:0e:89:db:89:82:3b:60:ea:41:22:cb:59:a4Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 966KB - Virtual size: 966KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ