Static task: static1
Behavioral task: behavioral1
Sample: 1d5692148172354fedfed8e9e8f368a59a8c2c6372c7885e80087d9ba5ad76c1.exe
Resource: win7-20240221-en
General
Target: 3b8907deb97d9b980e44e2450773345676d90f1cca5d45802ce21d7c63d66b1f
Size: 568KB
MD5: ab0d734a4c97e26b56197f48c3807b34
SHA1: 06bee203d3872f2c2242e972ac38e44dd31baaf5
SHA256: 3b8907deb97d9b980e44e2450773345676d90f1cca5d45802ce21d7c63d66b1f
SHA512: ba6bbdd3414b14341c8d0ce0e0761f6b8d3b37f172b925ffa2d3ddbbdb1194377c09184bbf6b2f879bb2e406831abf3b3814312e22bce63b7de208d7e95ad378
SSDEEP: 12288:R018SFaKDk7Aq0QUdi8Fh4QwdVTMZDnuOLjLfQSxf4DeSIpEPByviWs:Re8SFaK20xi8Fh4XED9QSxf46NviWs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/1d5692148172354fedfed8e9e8f368a59a8c2c6372c7885e80087d9ba5ad76c1.exe
Files
3b8907deb97d9b980e44e2450773345676d90f1cca5d45802ce21d7c63d66b1f.zip
Password: infected
1d5692148172354fedfed8e9e8f368a59a8c2c6372c7885e80087d9ba5ad76c1.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 595KB - Virtual size: 595KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ