Static task: static1
Behavioral task: behavioral1
Sample: ce055a8a032fb468ce38a511a5ff3a4ca08736fc08b2d3744879800067fe7d6a.exe
Resource: win7-20240221-en
General
Target: ce055a8a032fb468ce38a511a5ff3a4ca08736fc08b2d3744879800067fe7d6a.zip
Size: 2.2MB
MD5: 1c68d1d29add1d7450782354c9308620
SHA1: 03248744105212676b19d20a9876d04ad61a4fa4
SHA256: 9d970a4aad65dec1ba7abec175196e1d869e9d8e0321b41a145e360746ddf419
SHA512: bbcefc8f9fe173b3fbb7a30e2c8aa3ab7eb5a688ae6ecafa85df249378749291fd938ec4490459d748d16fc343e573f3b65afb48b66d40f98d1864db8e78aeae
SSDEEP: 49152:PIeHC2CkVtRt0ey0hYW1cMTFcaCptxLtYLxh7gPw18t1W+HY1VYh0t:geHC2ZZyCDcMTyn9tdwMW+HYI0t
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/ce055a8a032fb468ce38a511a5ff3a4ca08736fc08b2d3744879800067fe7d6a.exe
Files
ce055a8a032fb468ce38a511a5ff3a4ca08736fc08b2d3744879800067fe7d6a.zip.zip
Password: infected
ce055a8a032fb468ce38a511a5ff3a4ca08736fc08b2d3744879800067fe7d6a.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ