Static task
static1
Behavioral task
behavioral1
Sample
3592d42bcd4e637e9f179e9a6a1ed0a7200bd3b5ee52f8c498eac7b837daa318.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3592d42bcd4e637e9f179e9a6a1ed0a7200bd3b5ee52f8c498eac7b837daa318.exe
Resource
win10v2004-20240412-en
General
-
Target
ee76ead5010ac49d08146eda3d608aaeeb94ff3a89950d4cee73aa2c19a0bea2
-
Size
180KB
-
MD5
0d7476ba2827ca26555c864f123ee775
-
SHA1
10481df002b323cd74395bb882a4deb0d47bf2c1
-
SHA256
ee76ead5010ac49d08146eda3d608aaeeb94ff3a89950d4cee73aa2c19a0bea2
-
SHA512
19c3eb19092954e84d91c7473dbc6401089f90a1c73fe230b5a56e87463f42aa2f8443006d4b2e534a650644261af0201115d179a2ad6c8d639c3a4122a129e7
-
SSDEEP
3072:6LKpQDxmM5mUWZyO9DSSg2dAMqnVAfZCl4Zn/gn/lSoP3IsusKkKka:SKpQDb5mUW8EDSsYmfgWZnon/lTfIsuX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/3592d42bcd4e637e9f179e9a6a1ed0a7200bd3b5ee52f8c498eac7b837daa318.exe
Files
-
ee76ead5010ac49d08146eda3d608aaeeb94ff3a89950d4cee73aa2c19a0bea2.zip
Password: infected
-
3592d42bcd4e637e9f179e9a6a1ed0a7200bd3b5ee52f8c498eac7b837daa318.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 171KB - Virtual size: 171KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ