Static task
static1
Behavioral task
behavioral1
Sample
3c71bf86bdeb35c1b8b178e99f3193efabf63a55abebb3356426b731c362a255.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3c71bf86bdeb35c1b8b178e99f3193efabf63a55abebb3356426b731c362a255.exe
Resource
win10v2004-20240412-en
General
-
Target
b3605edf698023865b1e65852ff9e627.bin
-
Size
221KB
-
MD5
166c87f2ebf5aaf46e4b76e60e05cab4
-
SHA1
1485057e94213a1d02a1c10f59f1d50e53cb0871
-
SHA256
cd6b323e455ad47f4b395e8ee8e9a921b5bc22d180f2e1dfcab964ed17857ad0
-
SHA512
f656b649375cb7ca72a910188474e16fc8b99485844d7067773e621a5795a55ba68381083c6f888c5bcd808140cda32cf0b68189e564c3025fc48c9cc51a4acb
-
SSDEEP
3072:YjIMKa+pXv+dRd3L4Rsn9efjz8JWvEtcfwXbqWhvqI11LV2UDfXM0zdfxy/093TZ:bbp6+/Iy8G92ZTDdJycRT5X
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/3c71bf86bdeb35c1b8b178e99f3193efabf63a55abebb3356426b731c362a255.exe
Files
-
b3605edf698023865b1e65852ff9e627.bin.zip
Password: infected
-
3c71bf86bdeb35c1b8b178e99f3193efabf63a55abebb3356426b731c362a255.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 432KB - Virtual size: 431KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ