Static task: static1
Behavioral task: behavioral1
Sample: 7468b2db67d7df89dc67b64c6a6a487bc67da85c11e03036b26290d8218101a6.exe
Resource: win7-20231129-en
General
Target: 23e189bd0552c1601a8e0f9ba8d15c86.bin
Size: 613KB
MD5: 6af06a39ddf0516bdd3ff308ce84dbda
SHA1: abaeaeeeba18e01607c982d84fd9190e65b8184b
SHA256: 03cdb6eead77b0a609a60ddef6c91098950256ecff7218f6c623ba8d5b3db1f2
SHA512: f1d9c6fe1d54898e5599e0d50de9a5ae1caccef73c8e1bd0d3d56b0c011be438920653eca281d93cd8c931883e3f4b6c95a1e7f50d4116f5c304f8eafdfb8ccd
SSDEEP: 12288:mi3ZqAQ0ZdsDBNceF6K3ejCR+6+7jWAHJIWq/wmaCo9RUfO6b:lQv07sDQeFvR+6u6AHJIH9aCo7UfOc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/7468b2db67d7df89dc67b64c6a6a487bc67da85c11e03036b26290d8218101a6.exe
Files
23e189bd0552c1601a8e0f9ba8d15c86.bin.zip
Password: infected
7468b2db67d7df89dc67b64c6a6a487bc67da85c11e03036b26290d8218101a6.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ