Static task
static1
Behavioral task
behavioral1
Sample
8f44201b56398e30425dab3f99cda8c490e3b4ded5f8d545de18f779f1feb6e9.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8f44201b56398e30425dab3f99cda8c490e3b4ded5f8d545de18f779f1feb6e9.exe
Resource
win10v2004-20240226-en
General
-
Target
fafaddbb1565d7ce0c43c349d7fe4858fffcdf1ef8d29f73b906d275209cf641
-
Size
444KB
-
MD5
e249ac1f7cd059785d965043b71fb539
-
SHA1
6443c7e8bc539a997ae27d031707af52c4211f0d
-
SHA256
fafaddbb1565d7ce0c43c349d7fe4858fffcdf1ef8d29f73b906d275209cf641
-
SHA512
556a67ad81d3ea8017f573e060ae5859f224456ad9366c4c6794b61d3cb15a6da969caa78753a5a41394de3e5cc08908f4b95877ac22b0be28ee7a03b2fc756f
-
SSDEEP
6144:WWH8/vsH4bU1emvbgboG8Qch8C5zPRsSXqnNXeKoKjwFklfO5MPtBJ7awX3NNd8S:BiVvMWsrRsS2NuYjmkl2qPNawX9D7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/8f44201b56398e30425dab3f99cda8c490e3b4ded5f8d545de18f779f1feb6e9.exe
Files
-
fafaddbb1565d7ce0c43c349d7fe4858fffcdf1ef8d29f73b906d275209cf641.zip
Password: infected
-
8f44201b56398e30425dab3f99cda8c490e3b4ded5f8d545de18f779f1feb6e9.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 765KB - Virtual size: 764KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ