frpO.pdb
Static task
static1
Behavioral task
behavioral1
Sample
1c127eebd7d602e5dfd453c901c61d4f41304eaeee33d2aca87db7e08b0a6292.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1c127eebd7d602e5dfd453c901c61d4f41304eaeee33d2aca87db7e08b0a6292.exe
Resource
win10v2004-20240412-en
General
-
Target
81a5a6119a2a82df63150320935426e78fae460ff61b0c38015d36fd6635f205
-
Size
853KB
-
MD5
1b752cc7b9129e41f0af6834ad602991
-
SHA1
4884074127fdec7c94670a26f9e889d75a778c9b
-
SHA256
81a5a6119a2a82df63150320935426e78fae460ff61b0c38015d36fd6635f205
-
SHA512
ea51b5510ffbf9eb395ba8685de9e2a1211fc7c47efbdc545f1fe4f83647876d4235008c00cb3e6b8c55223b11177950e035dc4435a221df8a91dfea7d588509
-
SSDEEP
24576:oRsMc1j3p6e+DGqe4eQLMNAqaqwHD/DiZLzUGn+it/h:VMc1jA56qPiAewHbeZLzF+C
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/1c127eebd7d602e5dfd453c901c61d4f41304eaeee33d2aca87db7e08b0a6292.exe
Files
-
81a5a6119a2a82df63150320935426e78fae460ff61b0c38015d36fd6635f205.zip
Password: infected
-
1c127eebd7d602e5dfd453c901c61d4f41304eaeee33d2aca87db7e08b0a6292.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 862KB - Virtual size: 862KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ