Static task
static1
Behavioral task
behavioral1
Sample
TelexCopy.exe
Resource
win10-20240319-en
Behavioral task
behavioral2
Sample
TelexCopy.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
TelexCopy.exe
Resource
win11-20240214-en
General
-
Target
TelexCopy.exe
-
Size
772KB
-
MD5
f2168cd60deb04a9bd7817f31468e9cd
-
SHA1
2ddc74827c961308aeba829606edb7268808e4ce
-
SHA256
3da2acf6472e1cbc00e90110332f20a9c70d8ed0561ccfd4fe78322cdeeea5b4
-
SHA512
92a3009b69df37b01e06e471a8915fad5c2f868a87d014eb278bcc53504a18c66a9d352e0fcc335b93ba38608a4bb91d05e9a5fab7438c585d26e17b51e13e99
-
SSDEEP
12288:h4rGJKaRASEDRkQmnG2J7SEONrr+x3yu2bpPUCgJIhVyD4JgnJzG2wtV:2rae9Nk3GaSEOZr+x2bpcCgJI/0Y
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource TelexCopy.exe
Files
-
TelexCopy.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 662KB - Virtual size: 662KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ