Static task
static1
Behavioral task
behavioral1
Sample
Scan061120153800 jpeg.exe
Resource
win7-20240221-en
General
-
Target
Scan061120153800 jpeg.zip
-
Size
372KB
-
MD5
69b82d5a3f0a3599c3ebe743c986e159
-
SHA1
c01576679c99727519b47c0d8d3c4b5aabb2d600
-
SHA256
921f106e9b6d183cd63cbbf8a2200d1cd518e8efe053b6bd95995a700c7bca5f
-
SHA512
d9c94c239708eab6a2ecb4d842f57156d0a11f643ef8de8504b8ca079311f1c898cd3dc43fad57b6413db36b5c2c8f3d3608159a20af056d6e53ee8fb65f882e
-
SSDEEP
6144:5DY693MQ1Btd9I3ctDvZs6vIhmIFzojskfkUjGS4jS6bwpKED8u0gFPMXoBJZjFw:R993vd99hxxYowdUS/jS6bwB8u0gyXC6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Scan061120153800 jpeg.exe
Files
-
Scan061120153800 jpeg.zip.zip
Password: infected
-
Scan061120153800 jpeg.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 723KB - Virtual size: 722KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ