Static task
static1
Behavioral task
behavioral1
Sample
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe
Resource
win7-20240221-en
General
-
Target
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.zip
-
Size
6.8MB
-
MD5
12b05ad4b0ba8b518a554d68bc7bb53a
-
SHA1
4c78b063415ac44567b3cfb874e2f4864a056b5d
-
SHA256
4ab70a12b8a81b51e56a13ec1e8a32ab46a1066303392f04aced2c4674274ad5
-
SHA512
8115f6348605dcb3a533aff3e4933098fba636fd6a2611a1636d9418708c735d1f7a9e87a133758b9145ceb4490a6eee712249784319dd74b612e591c587d75d
-
SSDEEP
196608:8JQ4uQNarS9upHA/+IfW2na7BhnX2/GJHWm+pZkE0G5g:UNsEuNA/+p2na7X2g2m+p+E0Ig
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe
Files
-
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.zip.zip
Password: infected
-
b9503635ef25a584476f71aa4a010b3978ee04e8a956e810b71b05bbef32bb07.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 6.9MB - Virtual size: 6.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ