Static task
static1
Behavioral task
behavioral1
Sample
897d8cdd092ed26be93e6cd9b384da90128f98d5b80e21ee95ca95ba5ce40f17.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
897d8cdd092ed26be93e6cd9b384da90128f98d5b80e21ee95ca95ba5ce40f17.exe
Resource
win10v2004-20240419-en
General
-
Target
897d8cdd092ed26be93e6cd9b384da90128f98d5b80e21ee95ca95ba5ce40f17
-
Size
819KB
-
MD5
b3357f4dfe7dbe081d64e8a95bcac220
-
SHA1
581795553739ed6c2bfa8f73c1c361c75f163dd6
-
SHA256
897d8cdd092ed26be93e6cd9b384da90128f98d5b80e21ee95ca95ba5ce40f17
-
SHA512
f3e2eb82e0b5586d1d112ca0f632b33562411cc2804c9e1ffb153cf6c51fc0556d34184a99cd8ffd640bf65bc4c723e148878d5aea1f090a15860848410f6b33
-
SSDEEP
12288:1lqnHvjNIrpf9rN/mc/Ckm85fy1kOPJ1/Sp2oW0xj/R8+AU0YMa13nlZv:1wPjKr5BNDhm8561Op1W0t/RxAUlMGZ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 897d8cdd092ed26be93e6cd9b384da90128f98d5b80e21ee95ca95ba5ce40f17
Files
-
897d8cdd092ed26be93e6cd9b384da90128f98d5b80e21ee95ca95ba5ce40f17.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 805KB - Virtual size: 805KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ