Static task
static1
Behavioral task
behavioral1
Sample
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe
Resource
win7-20240319-en
General
-
Target
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.zip
-
Size
6.8MB
-
MD5
1b26b4a676974dfad2240135c3674c21
-
SHA1
e2632a919307ceb021ad18c1f4bf972a9ed38cbb
-
SHA256
e9745a246dc5a180c024cf78f20ac067068dc157ad278329126edb83eabfe07f
-
SHA512
522707dafa715f0e355b07ca68f23ebfa821ee479b7a3e02e3bd493ca0537e390d8b9fbe7a554288318c313c33f6bb530ce131f62718353a46f2a29a5a1f5e7f
-
SSDEEP
196608:OwlBjKNN2NZZxzzzKMrpwl0kU5Z7yK6rpZzKnS:OmAkNZZzx7WDrpZb
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe
Files
-
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.zip.zip
Password: infected
-
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 6.9MB - Virtual size: 6.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ