Static task
static1
Behavioral task
behavioral1
Sample
3009aee6f49e882e9f60bd0ed1063ce47225b88c0fc1a51a1b695e086b915d20.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3009aee6f49e882e9f60bd0ed1063ce47225b88c0fc1a51a1b695e086b915d20.exe
Resource
win10v2004-20240226-en
General
-
Target
3009aee6f49e882e9f60bd0ed1063ce47225b88c0fc1a51a1b695e086b915d20
-
Size
662KB
-
MD5
349f17dbbb946bf88f86441a35ab8561
-
SHA1
c40216c6f241044260bc8a3e0501645a33a7aad8
-
SHA256
3009aee6f49e882e9f60bd0ed1063ce47225b88c0fc1a51a1b695e086b915d20
-
SHA512
ee7cbd7240e7440f22e32b920479e955a2fcedd39c8548eb25b71a5540c216472c9d025f92a8fcb6b557df94c0ea6af910f0515db1d67c364110a2aa1a855eac
-
SSDEEP
12288:vH2iNlw0i3nXIUjDYxIgCW3GQVKSUffm4LQ+B7sDisNdqcf:f1X4ndvyiW3GMKvr8Y78il
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 3009aee6f49e882e9f60bd0ed1063ce47225b88c0fc1a51a1b695e086b915d20
Files
-
3009aee6f49e882e9f60bd0ed1063ce47225b88c0fc1a51a1b695e086b915d20.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 652KB - Virtual size: 650KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ