Static task: static1
Behavioral task: behavioral1
  Sample: Avi-2-GBA/Gameboy-Advance.net.url
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: Avi-2-GBA/Gameboy-Advance.net.url
  Resource: win10v2004-20240412-en
Behavioral task: behavioral3
  Sample: Avi-2-GBA/Meteo.exe
  Resource: win7-20231129-en
Behavioral task: behavioral4
  Sample: Avi-2-GBA/Meteo.exe
  Resource: win10v2004-20240412-en
General
  Target: Avi-2-GBA 2.zip
  Size: 3.7MB
  MD5: 4b2421fdb79e08ee984c3c9f1f842c8b
  SHA1: 9aa77b3533df299b7e036d2d1014b31525296730
  SHA256: bcd53141ec6f0cb49a84e1a11b1520851e769e3b6195b6d4872944c0faa7df3b
  SHA512: 803fca800f8b1ccb4c2e559e178aced97d48995db49570c3be6c903e6486c79e408f00ba839bb6b7bc74bd24bea4477d0b10bb6fec00dea696b3d4a5506a9f6f
  SSDEEP: 98304:komdaQ98K/Y85gYSrXAaNuZna+YJoE4ZUT:Ng98f85gYa7NuZnFO7v
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource: unpack001/Avi-2-GBA/Meteo.exe
Files
  Avi-2-GBA 2.zip.zip
  Avi-2-GBA/Gameboy-Advance.net.url
  Avi-2-GBA/Meteo.exe.exe windows:4 windows x86 arch:x86
    Headers
      File Characteristics
        IMAGE_FILE_RELOCS_STRIPPED
        IMAGE_FILE_EXECUTABLE_IMAGE
        IMAGE_FILE_LINE_NUMS_STRIPPED
        IMAGE_FILE_LOCAL_SYMS_STRIPPED
        IMAGE_FILE_32BIT_MACHINE
    Sections
      SEX0 Size: - Virtual size: 148KB
        IMAGE_SCN_CNT_UNINITIALIZED_DATA
        IMAGE_SCN_MEM_EXECUTE
        IMAGE_SCN_MEM_READ
        IMAGE_SCN_MEM_WRITE
      SEX1 Size: 78KB - Virtual size: 80KB
        IMAGE_SCN_CNT_INITIALIZED_DATA
        IMAGE_SCN_MEM_EXECUTE
        IMAGE_SCN_MEM_READ
        IMAGE_SCN_MEM_WRITE
      .rsrc Size: 4KB - Virtual size: 8KB
        IMAGE_SCN_CNT_INITIALIZED_DATA
        IMAGE_SCN_MEM_READ
        IMAGE_SCN_MEM_WRITE
  Avi-2-GBA/Readme.txt
  Avi-2-GBA/in_the_crib.avi
  __MACOSX/Avi-2-GBA/._in_the_crib.avi