Sample
4c83fa749481d0d8549034facf59317f713674625c990e83dcb6ec3e00fc2447.exe
Resource
win7-20240221-en
General
Target: 04846dc5508416f587d93cf835520d8a.bin
Size: 2.1MB
MD5: cdcf73aff24ec015ecd2f02d0f3582c0
SHA1: 669718307c72bbf810ae1b20135137855ed493a5
SHA256: 1f4c0ffe6a465dc997b31c9e15c9706caf6e2c712ef219e3137fbb03586d3dbf
SHA512: e6a8fb7ae4fc68dab9d80373747db9490769b417be26432fd06afd7bcebeb795792b11702064b8cac42fcf11f7f0dbfd0f8900dc5ac0cf353c4cc7ddf3190cf2
SSDEEP: 49152:k2lnw6H/qQCd03RJrwCPowYI3XhgfsKasHQreKb3rsG0PU:k2a6H/5wIRJowQfshQQeKspPU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/4c83fa749481d0d8549034facf59317f713674625c990e83dcb6ec3e00fc2447.exe
Files
04846dc5508416f587d93cf835520d8a.bin.zip
Password: infected
4c83fa749481d0d8549034facf59317f713674625c990e83dcb6ec3e00fc2447.exe.exe windows:6 windows x86 arch:x86
Password: infected
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Exports
Sections
Size: 591KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
plzndgzq Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
imnknifl Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE