Static task
static1
Behavioral task
behavioral1
Sample
d1b0b9a6b80f54be2a14ff19f3bd682185848d92443fa555a08cb07fa630a230.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
d1b0b9a6b80f54be2a14ff19f3bd682185848d92443fa555a08cb07fa630a230.exe
Resource
win10v2004-20240226-en
General
-
Target
d1b0b9a6b80f54be2a14ff19f3bd682185848d92443fa555a08cb07fa630a230.exe
-
Size
775KB
-
MD5
94f2ae1b5174532d81d5ea169b7f7726
-
SHA1
a6f144862293920e5376e5b53a1723502c9de2fb
-
SHA256
d1b0b9a6b80f54be2a14ff19f3bd682185848d92443fa555a08cb07fa630a230
-
SHA512
297ad4f0d9368a9b64c0b1fa06daa8fbd4e93c9cb917b9c1245b761e1aa059c951883ec343767c2ed5668d262161ec5b37ce9d1fa5733e96cf2bfc9b80c517c8
-
SSDEEP
6144:otQiMdN7Lcgh1yba6tPIyJJ8thhzzb84f8r7SzCx16Nm/7UMGLEfSAB2c6H5RNov:X7JYbtPX23fffzjA/oMFiT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource d1b0b9a6b80f54be2a14ff19f3bd682185848d92443fa555a08cb07fa630a230.exe
Files
-
d1b0b9a6b80f54be2a14ff19f3bd682185848d92443fa555a08cb07fa630a230.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 350KB - Virtual size: 349KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 424KB - Virtual size: 423KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ