Static task: static1
Behavioral task: behavioral1
Sample: dbbaa8a3f350fc9ee75bc0d81c0ae4be1f0e53e62765900fac80f9f7ec541176.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: dbbaa8a3f350fc9ee75bc0d81c0ae4be1f0e53e62765900fac80f9f7ec541176.exe
Resource: win10v2004-20240226-en
General
Target: a63a455053dc647a6ed1d8ecf2d07cadd4d21ec80f9ded05367cfd1bf45ea5f7
Size: 850KB
MD5: 2eb70edfc68ccf80df38406111758529
SHA1: 768e39a6bdf6d6e43b1e30bf13ed6f929cbe879a
SHA256: a63a455053dc647a6ed1d8ecf2d07cadd4d21ec80f9ded05367cfd1bf45ea5f7
SHA512: a0378f6f8332900faab5f7d4aaa5ccb7cf742fc6df4eed4b7d0fdffd8d6ff2488e55d67e2a807ae4e68190dbcabc56606be937be65d675b4b1371e9064eb809d
SSDEEP: 24576:1wOt9J2GIdNRbXJRTHdYsB5Z9NtEhXJbBRL48tXP:+O2HdnjbR9DdEVJtpz/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/dbbaa8a3f350fc9ee75bc0d81c0ae4be1f0e53e62765900fac80f9f7ec541176.exe
Files
a63a455053dc647a6ed1d8ecf2d07cadd4d21ec80f9ded05367cfd1bf45ea5f7.zip
Password: infected
dbbaa8a3f350fc9ee75bc0d81c0ae4be1f0e53e62765900fac80f9f7ec541176.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ