Static task
static1
Behavioral task
behavioral1
Sample
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe
Resource
win7-20240221-en
General
-
Target
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.zip
-
Size
6.8MB
-
MD5
a071dab777d746cc6ed859126fabb4b2
-
SHA1
d20bf744292b30b74b3b53b3641fe65b387d2054
-
SHA256
e670b713bf8e5b21e797c74bd5e952579c8b7c66affb85e5bc6fbd1f38f5a7ce
-
SHA512
78b457e59f9045fdac5c2545569661132b2a0fe7672d51c420141b7d0072b567aeb3627f556f2fe86f2139c8ccb36c9a046a1cf846af0cd56dc051d3e224c6ec
-
SSDEEP
196608:PLQmKd38khB2P7MQP883QJIKQYiEkuHau4if16B8dNRaF:DQmAM9oQPPmr6/icB8dE
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe
Files
-
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.zip.zip
Password: infected
-
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 6.9MB - Virtual size: 6.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ