Static task
static1
Behavioral task
behavioral1
Sample
4f16c358a21341ad3fb5a46dc87e1cedb74759373ef97df755b8660ff1e6211c.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
4f16c358a21341ad3fb5a46dc87e1cedb74759373ef97df755b8660ff1e6211c.exe
Resource
win10v2004-20240412-en
General
-
Target
0820b1d34fb9c3ea2831e889d8e1d477.bin
-
Size
110KB
-
MD5
3c3d7b4470d81cb0768643f495eb511a
-
SHA1
754ddca1c8e9ae14d237d0bddece5331d3a4eb90
-
SHA256
b6caa8b57a01383322a5d689fbdd609d3c4487c01fca57ef2e523c490e4a00ad
-
SHA512
0d5373b02a8ffb11923cc788f312f21634f1d3efc61429e609bc4609b31874188072a0f5b7905befd1e4940c162b5a9fee675b0e5d9ad656289f0a4451bde16e
-
SSDEEP
3072:pQVxPoLFvfXspCRFhSCmH4ALGgxoKDEjTfEpeX5hn1x6shz6vs:pIopvfXKCRFXSZKgxjpg5x1xDzz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/4f16c358a21341ad3fb5a46dc87e1cedb74759373ef97df755b8660ff1e6211c.exe
Files
-
0820b1d34fb9c3ea2831e889d8e1d477.bin.zip
Password: infected
-
4f16c358a21341ad3fb5a46dc87e1cedb74759373ef97df755b8660ff1e6211c.exe.exe windows:5 windows x86 arch:x86
Password: infected
4e06c011d59529bff8e1f1c88254b928
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_mbsstr
memset
_mbsnbcpy
Sections
.text Size: 114KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 1024B - Virtual size: 864B
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE