Static task
static1
Behavioral task
behavioral1
Sample
90b0e81cae870478e28e0902f8011e63315394fab478fb790827d95d1c34ba6f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
90b0e81cae870478e28e0902f8011e63315394fab478fb790827d95d1c34ba6f.exe
Resource
win10v2004-20240412-en
General
Target: dbea3dd4d4c4211bb00b2c9cee809a50c0b149a436ea1f92f749637780c474de
Size: 722KB
MD5: 9b4ff975188a9123e5c239fe74de8fb4
SHA1: 883dd47dcb17b8066b8ce0727c0de3d2dcd34b98
SHA256: dbea3dd4d4c4211bb00b2c9cee809a50c0b149a436ea1f92f749637780c474de
SHA512: 1dd8759bdfaabd1fccb77275d02b5c29b0c38213487c388bcdaf93a677786e80f1a7e27034c5d1bebc71e786aa553441887f66bb49f3c87927f925b112548829
SSDEEP: 12288:QwJjhNzUAF81nL+CX7bxnM6july/qUTIHiS8BMTWRJ82YkT4OXg+0AUcLclVZGVU:QwJ1NzXW1aS7dnMPs/qksK89UXgdcIVp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/90b0e81cae870478e28e0902f8011e63315394fab478fb790827d95d1c34ba6f.exe
Files
dbea3dd4d4c4211bb00b2c9cee809a50c0b149a436ea1f92f749637780c474de.zip
Password: infected
90b0e81cae870478e28e0902f8011e63315394fab478fb790827d95d1c34ba6f.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 706KB - Virtual size: 706KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 231KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ