Resubmissions
16-04-2024 08:53
240416-ktedfsff7w 10Static task
static1
Behavioral task
behavioral1
Sample
003c78df2e77687e1b28a9b498152cff4ce27ab0bef5f65b3a2c00b37ef49c13.exe
Resource
win7-20240221-en
General
-
Target
003c78df2e77687e1b28a9b498152cff4ce27ab0bef5f65b3a2c00b37ef49c13.exe
-
Size
697KB
-
MD5
8ab428444842653c6ebf5a71f14f80e2
-
SHA1
780f71e211c5dbe9e37805fdcbaf88359651f7b2
-
SHA256
003c78df2e77687e1b28a9b498152cff4ce27ab0bef5f65b3a2c00b37ef49c13
-
SHA512
37bf000a2407a9eac7d8006fec624de07e036c6ec711e95ef15b749cb532a762af2c822089e9f25a3b450a1a9b335ce4193c9a57fc6219054569bf1997e9f79d
-
SSDEEP
12288:jJFKeIV/ORw6mBTCz2BqbKKsobl9XGzwHJeL7dIh89zwHJeo:HC+hbK5ox9XcwpeLkmwpeo
Malware Config
Signatures
-
Detects executables packed with SmartAssembly 1 IoCs
Processes:
resource yara_rule sample INDICATOR_EXE_Packed_SmartAssembly -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 003c78df2e77687e1b28a9b498152cff4ce27ab0bef5f65b3a2c00b37ef49c13.exe
Files
-
003c78df2e77687e1b28a9b498152cff4ce27ab0bef5f65b3a2c00b37ef49c13.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 447KB - Virtual size: 447KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 249KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ