Resubmissions
22-01-2024 09:39
240122-lmz71sdgd9 10Static task
static1
General
-
Target
56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235.exe
-
Size
95KB
-
MD5
301f43abf8e0293a1f6c7f3018b3985b
-
SHA1
86bd09a7e1a60b2d40d9fdaf55832274d6b9b7f3
-
SHA256
c2f81beffc6d4363344d6cd111a621b7f3510b2f288e21de60abeb4ae53ed728
-
SHA512
74119473a06ea077526903e2fa7704067fead69cf779843c4c7baf38dc80cd65d33df281941192b7d54d51b9974240f0a720d4ef58770be431d02e16ea0442fc
-
SSDEEP
1536:Np6BOG0WlphZAc2NE+Ig5LEN0vrx++ZnZDemJi5TWXjc64yBqD40RgUGIeptpG+u:L5G0WzPADa2bzTeYAoo6GEQfGIeA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Device/HarddiskVolume3/Users/User1/Desktop/56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235/C/ProgramData/Sentinel/AFUCache/56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235.exe
Files
-
56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235.exe.zip
Password: S1P@ssw0rd
-
Device/HarddiskVolume3/Users/User1/Desktop/56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235/C/ProgramData/Sentinel/AFUCache/56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235.exe.exe windows:6 windows x64 arch:x64
Password: S1P@ssw0rd
ccf5b7744abd75e2692f1db42cf2f740
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
CloseHandle
GetLocalTime
WriteConsoleW
CreateFileW
SetFilePointerEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetFileType
SetStdHandle
GetStringTypeW
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
user32
wsprintfW
ws2_32
WSAGetLastError
htons
Sections
.text Size: 167KB - Virtual size: 167KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 252B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
manifest.json