Static task
static1
Behavioral task
behavioral1
Sample
61e2a9db8f357380b18ba1017f2ae52d656d2c5f4de8851e244566b8c986d88a.exe
Resource
win7-20240221-en
General
-
Target
82df9d1ee9b303d453a7ea91d5f574e2.bin
-
Size
523KB
-
MD5
0a67d6aac27d657bb43151bee5ff487d
-
SHA1
5c09734bda5b822f16c903ef90a0571de485690c
-
SHA256
b09907806726122d410e726d60702ff11439231957a66f78681cad9bd52b87cd
-
SHA512
e34626b19ca52e1b54a9f63d0238e8be6f0751a886a71cdb9633154057560a190adecfa45dc207fb06e48516764c8d902272b19b910e127fdc51ac08688b7b80
-
SSDEEP
12288:qqcY/aCOGOvukn02qpluZrlCR1DmxhEzqxlHN03SbX:bcY/lOm005KRgKhEm/G0X
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/61e2a9db8f357380b18ba1017f2ae52d656d2c5f4de8851e244566b8c986d88a.exe
Files
-
82df9d1ee9b303d453a7ea91d5f574e2.bin.zip
Password: infected
-
61e2a9db8f357380b18ba1017f2ae52d656d2c5f4de8851e244566b8c986d88a.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 787KB - Virtual size: 787KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 780B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ