Static task
static1
Behavioral task
behavioral1
Sample
HS202410407 Elemento de proyecto MSMU5083745/HS202410407 Elemento de proyecto MSMU5083745.pdf.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
HS202410407 Elemento de proyecto MSMU5083745/HS202410407 Elemento de proyecto MSMU5083745.pdf.exe
Resource
win10v2004-20240412-en
General
-
Target
eccad3e996e1e5b349d2d2625b41d42c.bin
-
Size
659KB
-
MD5
898a6ab799c9725d282202f00afe4a2c
-
SHA1
9b3fdad12d2c4c4b564d351ac484bab23e610be0
-
SHA256
ee03c8667eac870e7fcb5655ff09ddeebcab9cdf5227dacf1e038813ecb2997e
-
SHA512
40aad8c8f65c4495f5cf3c95c9820df399a15bf2a8ba88e76d416a85c52765c1c66955e85171dae88314b7a331eaa10195a6f32efde72d0e945514b6f224531c
-
SSDEEP
12288:7t1toakypfMtZgE1vkmbIR9a05E4IPcLLG3F6adM7y1i1NG/iuSSX0:51tzhCNz057LG1hA36/iuSA0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack002/HS202410407 Elemento de proyecto MSMU5083745/HS202410407 Elemento de proyecto MSMU5083745.pdf.exe
Files
-
eccad3e996e1e5b349d2d2625b41d42c.bin.zip
Password: infected
-
edce34e1a1a9923d4fd0926c9bfe8d4e9bc3b6b26776fbaee683a6c2286bb4e9.lzh.lzh
Password: infected
-
HS202410407 Elemento de proyecto MSMU5083745/HS202410407 Elemento de proyecto MSMU5083745.pdf.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 710KB - Virtual size: 709KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 66KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ