Static task
static1
Behavioral task
behavioral1
Sample
PO%2373182.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
PO%2373182.exe
Resource
win10v2004-20240226-en
General
-
Target
e65f8d2fdb468b6bc82596cb91c64e7ef3cd5ad4f5b1a5bfe8bbfbf15c918052
-
Size
632KB
-
MD5
fdc35abe4f2ad4fac43919771f92fa1b
-
SHA1
5cdbc4a072ba78be0017b676fadc4590dcbfdb33
-
SHA256
e65f8d2fdb468b6bc82596cb91c64e7ef3cd5ad4f5b1a5bfe8bbfbf15c918052
-
SHA512
d7f77b04e8a38ec47d2d3493b5d1ed713e2bcf61f7b0216cd6e68685e05b24c43de936e4c0e510e4e9fcf11b5752d271d049921e6d48789c3dfcb8263a071cd0
-
SSDEEP
12288:Ke0yeIxcqsBnanEtdtdps7N6LQfN2hKdQ0FuOno7cn2ESnFEyKjg/U:KBScpzuB6LQfNSpb7ISNU
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/PO%2373182.exe
Files
-
e65f8d2fdb468b6bc82596cb91c64e7ef3cd5ad4f5b1a5bfe8bbfbf15c918052.zip
-
PO%2373182.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 648KB - Virtual size: 647KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ