Static task
static1
Behavioral task
behavioral1
Sample
eff673e5ff24a753d775c93914d2468bd6bb51ec301115ff6f894f7917c37e4e.exe
Resource
win7-20240221-en
General
-
Target
eff673e5ff24a753d775c93914d2468bd6bb51ec301115ff6f894f7917c37e4e
-
Size
12.6MB
-
MD5
828b92bff3093ae4a7de625ff52d4db9
-
SHA1
22e4fd97c83e8693aeea7c62f0f58e59b3bfba5d
-
SHA256
eff673e5ff24a753d775c93914d2468bd6bb51ec301115ff6f894f7917c37e4e
-
SHA512
be7e08fb9af8cff2f8173876b87ab591cf094bcdbdfdb76ef52be24beb83882bc928f06a96ba4cd979fc51ab41c98369473d5bff767520615cc40c78efdbb6ed
-
SSDEEP
196608:wblRO/sYnmyz4TmbLjR7CoK1D+aNOFpuKxDCpNsbw8GzN9iBl4TEatLkvjSMc:emmyz4TmN+oK1+HVefsbw8/oTLh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource eff673e5ff24a753d775c93914d2468bd6bb51ec301115ff6f894f7917c37e4e
Files
-
eff673e5ff24a753d775c93914d2468bd6bb51ec301115ff6f894f7917c37e4e.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
@u&N0 Size: 153KB - Virtual size: 153KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 12.4MB - Virtual size: 12.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
R :[?q^M Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ