Static task
static1
Behavioral task
behavioral1
Sample
KZWCMNWmmqi9lvI.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
KZWCMNWmmqi9lvI.exe
Resource
win10v2004-20240412-en
General
-
Target
30121f858baf2593206744c6938684926726b4d6b24679fa6e7bb7e4b0c74204.rar
-
Size
657KB
-
MD5
5218c73347af9657ae365ccfa0c9a796
-
SHA1
165af2270057cac4ec51de6e28e503c624ce4cba
-
SHA256
30121f858baf2593206744c6938684926726b4d6b24679fa6e7bb7e4b0c74204
-
SHA512
99e1c19e4b758399af15fdc3eb275c3b0c1f4fc62155e5ebc6e54329d75e82e61546eae147b303fab35bfee104a6881838afea8d2ac446d657b7c9e684c5874e
-
SSDEEP
12288:CQ6/Ovt/7r2HGVLoKv+J4ZpeK09yYQko1mXI9oOC5Oeht7cSdcZK7MaPvCN25pGJ:Cty/7r2AoKvlOl9yYDq9BC5R9GZJi5oJ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/KZWCMNWmmqi9lvI.exe
Files
-
30121f858baf2593206744c6938684926726b4d6b24679fa6e7bb7e4b0c74204.rar.rar
-
KZWCMNWmmqi9lvI.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 717KB - Virtual size: 716KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ