Static task: static1
Behavioral task: behavioral1
Sample: 7628ace4f2627bc65377a8123ce9e05849e4e4b3fd5b862e03ffcee42274ccfb.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7628ace4f2627bc65377a8123ce9e05849e4e4b3fd5b862e03ffcee42274ccfb.exe
Resource: win10v2004-20240412-en
General
Target: 7628ace4f2627bc65377a8123ce9e05849e4e4b3fd5b862e03ffcee42274ccfb.zip
Size: 669KB
MD5: 648b260c2e18c52bfd8f8add6623a957
SHA1: ae894bc10fa4e163288f5c478b339ca361729cd2
SHA256: 7c300f7ab5c7b6e94a47551cd260ed1206a8bd12464cdec10411110e734041ec
SHA512: 8a04f4e6980fe04df408b8f69e03032564537a1e3dd43f5acfcd87af669ff207d02a50e8b3c254266337cf99fc71f485fbadfa253d5f5f9caed746f02665f3e9
SSDEEP: 12288:Rsd0AkLMKuAkp2s2lqoEU0i/B8BQyeQyMLJTEfFkrDjZcJ/xiuHOb703R3+:CdeuAu2sYqG0u4QyeQyMdmFkA/Exl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/7628ace4f2627bc65377a8123ce9e05849e4e4b3fd5b862e03ffcee42274ccfb.exe
Files
7628ace4f2627bc65377a8123ce9e05849e4e4b3fd5b862e03ffcee42274ccfb.zip.zip
Password: infected
7628ace4f2627bc65377a8123ce9e05849e4e4b3fd5b862e03ffcee42274ccfb.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 698KB - Virtual size: 697KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ